[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/7408 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 928bf63bb303f872cc4b62cd9f7cadfd343747c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 21 May 2020 11:13:11 -0400 Subject: [PATCH 1/2] lxd/qemu: Handle quoted raw.qemu MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #7333 Signed-off-by: Stéphane Graber --- lxd/instance/drivers/driver_qemu.go | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lxd/instance/drivers/driver_qemu.go b/lxd/instance/drivers/driver_qemu.go index 3f431e2e3c..5b4878e312 100644 --- a/lxd/instance/drivers/driver_qemu.go +++ b/lxd/instance/drivers/driver_qemu.go @@ -20,6 +20,7 @@ import ( "github.com/flosch/pongo2" "github.com/gorilla/websocket" + "github.com/kballard/go-shellquote" "github.com/pborman/uuid" "github.com/pkg/errors" "golang.org/x/sys/unix" @@ -774,7 +775,11 @@ func (vm *qemu) Start(stateful bool) error { } if vm.expandedConfig["raw.qemu"] != "" { - fields := strings.Split(vm.expandedConfig["raw.qemu"], " ") + fields, err := shellquote.Split(vm.expandedConfig["raw.qemu"]) + if err != nil { + op.Done(err) + return err + } qemuCmd = append(qemuCmd, fields...) } From 5007a03f285a7de7c052b777d11dc15b0ad240c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 21 May 2020 11:18:47 -0400 Subject: [PATCH 2/2] lxd/main_forkproxy: Reduce logging MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We only want to log initial connection errors and obvious kernel problems that would break the proxy. Connection related issues should be only logged when in debug mode. Closes #7332 Signed-off-by: Stéphane Graber --- lxd/main_forkproxy.go | 9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/lxd/main_forkproxy.go b/lxd/main_forkproxy.go index 6c1735b94c..8a7376cb3b 100644 --- a/lxd/main_forkproxy.go +++ b/lxd/main_forkproxy.go @@ -15,6 +15,7 @@ import ( "github.com/spf13/cobra" "golang.org/x/sys/unix" + "github.com/lxc/lxd/lxd/daemon" "github.com/lxc/lxd/lxd/device" deviceConfig "github.com/lxc/lxd/lxd/device/config" "github.com/lxc/lxd/shared" @@ -834,12 +835,12 @@ func genericRelay(dst net.Conn, src net.Conn, timeout bool) { select { case errSnd := <-chSend: - if errSnd != nil { + if daemon.Debug && errSnd != nil { fmt.Printf("Warning: Error while sending data: %v\n", errSnd) } case errRcv := <-chRecv: - if errRcv != nil { + if daemon.Debug && errRcv != nil { fmt.Printf("Warning: Error while reading data: %v\n", errRcv) } } @@ -927,12 +928,12 @@ func unixRelay(dst io.ReadWriteCloser, src io.ReadWriteCloser) { select { case errSnd := <-chSend: - if errSnd != nil { + if daemon.Debug && errSnd != nil { fmt.Printf("Warning: Error while sending data: %v\n", errSnd) } case errRcv := <-chRecv: - if errRcv != nil { + if daemon.Debug && errRcv != nil { fmt.Printf("Warning: Error while reading data: %v\n", errRcv) } } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/4133 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Fixed a number of issues that were reported over the Christmas break on my flight back home. From a1a0475defb8b051ccbcd3eb3967f1a28f61136b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 2 Jan 2018 18:18:58 +0100 Subject: [PATCH 1/7] storage/btrfs: Fix handling of UUID-based mounts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #4121 Signed-off-by: Stéphane Graber --- lxd/storage_btrfs.go | 19 --- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/lxd/storage_btrfs.go b/lxd/storage_btrfs.go index 20a2dd45b..1218ee271 100644 --- a/lxd/storage_btrfs.go +++ b/lxd/storage_btrfs.go @@ -108,7 +108,12 @@ func (s *storageBtrfs) StoragePoolCreate() error { s.pool.Config["volatile.initial_source"] = s.pool.Config["source"] isBlockDev := false - source := shared.HostPath(s.pool.Config["source"]) + + source := s.pool.Config["source"] + if strings.HasPrefix(source, "/") { + source = shared.HostPath(s.pool.Config["source"]) + } + if source == "" { source = filepath.Join(shared.VarPath("disks"), fmt.Sprintf("%s.img", s.pool.Name)) s.pool.Config["source"] = source @@ -259,7 +264,11 @@ func (s *storageBtrfs) StoragePoolCreate() error { func (s *storageBtrfs) StoragePoolDelete() error { logger.Infof("Deleting BTRFS storage pool \"%s\".", s.pool.Name) - source := shared.HostPath(s.pool.Config["source"]) + source := s.pool.Config["source"] + if strings.HasPrefix(source, "/") { + source = shared.HostPath(s.pool.Config["source"]) + } + if source == "" { return fmt.Errorf("no \"source\" property found for the storage pool") } @@ -324,7 +333,11 @@ func (s *storageBtrfs) StoragePoolDelete() error { func (s *storageBtrfs) StoragePoolMount() (bool, error) { logger.Debugf("Mounting BTRFS storage pool \"%s\".", s.pool.Name) - source := shared.HostPath(s.pool.Config["source"]) + source := s.pool.Config["source"] + if strings.HasPrefix(source, "/") { + source = shared.HostPath(s.pool.Config["source"]) + } + if source == "" { return false, fmt.Errorf("no \"source\" property found for the storage pool") } From 444808c3e492ca0d3e0e88a165119ca739058590 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 2 Jan 2018 18:26:27 +0100 Subject: [PATCH 2/7] doc: Add /images//secret to API list MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- doc/rest-api.md | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/rest-api.md b/doc/rest-api.md index b9249da59..0d77f3b47 100644 --- a/doc/rest-api.md +++ b/doc/rest-api.md @@ -200,6 +200,7 @@ won't work and PUT needs to be used instead. * `/1.0/images/` * `/1.0/images//export` * `/1.0/images//refresh` + * `/1.0/images//secret` * `/1.0/images/aliases` * `/1.0/images/aliases/` * `/1.0/networks` From c7a011e6723689bdd82e20f8cdd0312cffcc9125 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 2 Jan 2018 18:26:50 +0100 Subject: [PATCH 3/7] doc: List /1.0/storage-pools API endpoints MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- doc/rest-api.md | 56 +--- 1 file changed, 5 insertions(+), 51 deletions(-) diff --git a/doc/rest-api.md b/doc/rest-api.md index 0d77f3b47..1c082c12f 100644 --- a/doc/rest-api.md +++ b/doc/rest-api.md @@ -211,6 +211,11 @@ won't work and PUT needs to be used instead. * `/1.0/operations//websocket` * `/1.0/profiles` * `/1.0/profiles/` + * `/1.0/storage-pools` + * `/1.0/storage-pools/` + * `/1.0/storage-pools//resources` + * `/1.0/storage-pools//volumes` + * `/1.0/storage-pools//volumes//` * `/1.0/resources` # API details @@ -2264,57 +2269,6 @@ Input (none at present): "/1.0/storage-pools/default/volumes/images/62e850a334bb9d99cac00b2e618e0291e5e7bb7db56c4246ecaf8e46fa0631a6" ] -## `/1.0/storage-pools//volumes` -### GET - * Description: list all storage volumes on a storage pool - * Introduced: with API extension `storage` - * Authentication: trusted - * Operation: sync - * Return: standard return value or standard error - -{ -"type": "sync", -"status": "Success", -"status_code": 200, -
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3656 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 81d5e787ddf46a3791eb1989ae0619f149b1363a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 11 Aug 2017 15:16:08 -0400 Subject: [PATCH 1/2] doc: Fix bad JSON in rest-api.md MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #3654 Signed-off-by: Stéphane Graber --- doc/rest-api.md | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/doc/rest-api.md b/doc/rest-api.md index b5c8f9a9c..3c4df4209 100644 --- a/doc/rest-api.md +++ b/doc/rest-api.md @@ -1402,8 +1402,8 @@ In the source image case, the following dict must be used: }, "aliases": [# Set initial aliases ("image_create_aliases" API extension) {"name": "my-alias", - "description: "A description" -}, + "description": "A description"} +], "source": { "type": "image", "mode": "pull", # Only pull is supported for now @@ -1427,8 +1427,8 @@ In the source container case, the following dict must be used: }, "aliases": [# Set initial aliases ("image_create_aliases" API extension) {"name": "my-alias", - "description: "A description" -}, + "description": "A description"} +], "source": { "type": "container",# One of "container" or "snapshot" "name": "abc" @@ -1445,8 +1445,8 @@ In the remote image URL case, the following dict must be used: }, "aliases": [# Set initial aliases ("image_create_aliases" API extension) {"name": "my-alias", - "description: "A description" -}, + "description": "A description"} +], "source": { "type": "url", "url": "https://www.some-server.com/image"; # URL for the image From a1173318fd424830fea6a86c19dd2555382bd960 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 11 Aug 2017 15:25:54 -0400 Subject: [PATCH 2/2] networks: Set dnsmasq.raw to be 0644 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #3652 Signed-off-by: Stéphane Graber --- lxd/networks.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/networks.go b/lxd/networks.go index 608a91bf3..db25a2147 100644 --- a/lxd/networks.go +++ b/lxd/networks.go @@ -1187,7 +1187,7 @@ func (n *network) Start() error { } // Create a config file to contain additional config (and to prevent dnsmasq from reading /etc/dnsmasq.conf) - err = ioutil.WriteFile(shared.VarPath("networks", n.name, "dnsmasq.raw"), []byte(fmt.Sprintf("%s\n", n.config["raw.dnsmasq"])), 0) + err = ioutil.WriteFile(shared.VarPath("networks", n.name, "dnsmasq.raw"), []byte(fmt.Sprintf("%s\n", n.config["raw.dnsmasq"])), 0644) if err != nil { return err } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3500 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 441f13699411106ad27c5e24d0e691c9b86047c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 6 Jul 2017 00:24:17 -0400 Subject: [PATCH 1/2] client: Improve migration relay code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This removes code duplication by adding a new function for migration proxying and makes it more robust by validating things before starting the proxy. Signed-off-by: Stéphane Graber --- client/lxd_containers.go | 147 +-- 1 file changed, 91 insertions(+), 56 deletions(-) diff --git a/client/lxd_containers.go b/client/lxd_containers.go index b627169db..9d4cb6bce 100644 --- a/client/lxd_containers.go +++ b/client/lxd_containers.go @@ -344,36 +344,11 @@ func (r *ProtocolLXD) CopyContainer(source ContainerServer, container api.Contai } // Launch the relay - dones := []chan bool{} - conns := []*websocket.Conn{} - - for name := range sourceSecrets { - sourceConn, err := source.GetOperationWebsocket(op.ID, sourceSecrets[name]) - if err != nil { - return nil, err - } - - targetConn, err := r.GetOperationWebsocket(targetOp.ID, targetSecrets[name]) - if err != nil { - return nil, err - } - - conns = append(conns, sourceConn) - conns = append(conns, targetConn) - dones = append(dones, shared.WebsocketProxy(sourceConn, targetConn)) + err = r.proxyMigration(targetOp, targetSecrets, source, op, sourceSecrets) + if err != nil { + return nil, err } - // Wait for everything to be done - go func() { - for _, chDone := range dones { - <-chDone - } - - for _, conn := range conns { - conn.Close() - } - }() - // Prepare a tracking operation rop := RemoteOperation{ targetOp: targetOp, @@ -399,6 +374,91 @@ func (r *ProtocolLXD) CopyContainer(source ContainerServer, container api.Contai return r.tryCreateContainer(req, info.Addresses) } +func (r *ProtocolLXD) proxyMigration(targetOp *Operation, targetSecrets map[string]string, source ContainerServer, sourceOp *Operation, sourceSecrets map[string]string) error { + // Sanity checks + for n := range targetSecrets { + _, ok := sourceSecrets[n] + if !ok { + return fmt.Errorf("Migration target expects the \"%s\" socket but source isn't providing it", n) + } + } + + if targetSecrets["control"] == "" { + return fmt.Errorf("Migration target didn't setup the required \"control\" socket") + } + + // Struct used to hold everything together + type proxy struct { + done chan bool + sourceConn *websocket.Conn + targetConn *websocket.Conn + } + + proxies := map[string]*proxy{} + + // Connect the control socket + sourceConn, err := source.GetOperationWebsocket(sourceOp.ID, sourceSecrets["control"]) + if err != nil { + return err + } + + targetConn, err := r.GetOperationWebsocket(targetOp.ID, targetSecrets["control"]) + if err != nil { + return err + } + + proxies["control"] = &proxy{ + done: shared.WebsocketProxy(sourceConn, targetConn), + sourceConn: sourceConn, + targetConn: targetConn, + } + + // Connect the data sockets + for name := range sourceSecrets { + if name == "control" { + continue + } + + // Handle resets (used for multiple objects) + sourceConn, err := source.GetOperationWebsocket(sourceOp.ID, sourceSecrets[name]) + if err != nil { + break + } + + targetConn, err := r.GetOperationWebsocket(targetOp.ID, targetSecrets[name]) + if err != nil { + break + } + + proxies[name] = &proxy{ + sourceConn: sourceConn, + targetConn: targetC
[lxc-devel] [lxd/master] Bugfixes and minor improvements
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3477 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 4b2fe61854d6e8a825b0a9c8f02f7d2f48c35b3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 1 Jul 2017 15:58:51 -0400 Subject: [PATCH 1/8] tests: Add a test for read-only disks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/suites/config.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/suites/config.sh b/test/suites/config.sh index 0f053ba64..e39455d30 100644 --- a/test/suites/config.sh +++ b/test/suites/config.sh @@ -160,6 +160,7 @@ test_config_profiles() { # test live-adding a nic lxc start foo + lxc exec foo -- cat /proc/self/mountinfo | grep -q "/mnt1.*ro," ! lxc config show foo | grep -q "raw.lxc" lxc config show foo --expanded | grep -q "raw.lxc" ! lxc config show foo | grep -v "volatile.eth0" | grep -q "eth0" @@ -174,6 +175,7 @@ test_config_profiles() { mkdir "${TEST_DIR}/mnt2" touch "${TEST_DIR}/mnt2/hosts" lxc config device add foo mnt2 disk source="${TEST_DIR}/mnt2" path=/mnt2 readonly=true + lxc exec foo -- cat /proc/self/mountinfo | grep -q "/mnt2.*ro," lxc exec foo -- ls /mnt2/hosts lxc stop foo --force lxc start foo From f81dba94cce6cd77c96eeabd06b2713f04c3d216 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 1 Jul 2017 15:49:53 -0400 Subject: [PATCH 2/8] shared/cancel: Fix return value ordering MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- client/util.go| 2 +- lxd/daemon_images.go | 2 +- shared/cancel/canceler.go | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/client/util.go b/client/util.go index 1a166787d..de5073628 100644 --- a/client/util.go +++ b/client/util.go @@ -97,7 +97,7 @@ func downloadFileSha256(httpClient *http.Client, useragent string, progress func } // Perform the request - r, err, doneCh := cancel.CancelableDownload(canceler, httpClient, req) + r, doneCh, err := cancel.CancelableDownload(canceler, httpClient, req) if err != nil { return -1, err } diff --git a/lxd/daemon_images.go b/lxd/daemon_images.go index 3931de54a..ee6244dc6 100644 --- a/lxd/daemon_images.go +++ b/lxd/daemon_images.go @@ -433,7 +433,7 @@ func (d *Daemon) ImageDownload(op *operation, server string, protocol string, ce req.Header.Set("User-Agent", version.UserAgent) // Make the request - raw, err, doneCh := cancel.CancelableDownload(canceler, httpClient, req) + raw, doneCh, err := cancel.CancelableDownload(canceler, httpClient, req) defer close(doneCh) if err != nil { return nil, err diff --git a/shared/cancel/canceler.go b/shared/cancel/canceler.go index 79f60dbf9..c978c6936 100644 --- a/shared/cancel/canceler.go +++ b/shared/cancel/canceler.go @@ -24,7 +24,7 @@ func (c *Canceler) Cancel() error { return nil } -func CancelableDownload(c *Canceler, client *http.Client, req *http.Request) (*http.Response, error, chan bool) { +func CancelableDownload(c *Canceler, client *http.Client, req *http.Request) (*http.Response, chan bool, error) { chDone := make(chan bool) go func() { @@ -47,5 +47,5 @@ func CancelableDownload(c *Canceler, client *http.Client, req *http.Request) (*h }() resp, err := client.Do(req) - return resp, err, chDone + return resp, chDone, err } From 56816d12e38616fe6b5c8dee78ec7614fe675213 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 1 Jul 2017 15:53:14 -0400 Subject: [PATCH 3/8] client: Allow canceling image download from LXDs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- client/lxd_images.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/client/lxd_images.go b/client/lxd_images.go index e17b1d29e..0ba289f34 100644 --- a/client/lxd_images.go +++ b/client/lxd_images.go @@ -14,6 +14,7 @@ import ( "github.com/lxc/lxd/shared" "github.com/lxc/lxd/shared/api" + "github.com/lxc/lxd/shared/cancel" "github.com/lxc/lxd/shared/ioprogress" ) @@ -117,11 +118,12 @@ func (r *ProtocolLXD) GetPrivateImageFile(fingerprint string, secret string, req } // Start the request - response, err := r.http.Do(request) + response, doneCh, err := cancel.CancelableDownload(req.Canceler, r.http, request) if err != nil { return nil, err
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3475 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 9556c8ef8e3069ba9e015bc7319300ac88241ebe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 1 Jul 2017 00:38:51 -0400 Subject: [PATCH] network: Don't fail on non-process PIDs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If the PID we have point to a kernel thread, /proc/PID/exe will not exist and resolving the symlink will therefore fail. In such cases, just go ahead with an empty path which will result in the right behavior. Launchpad: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1698712 Signed-off-by: Stéphane Graber --- lxd/networks_utils.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/networks_utils.go b/lxd/networks_utils.go index 3bac33d0a..098487cc3 100644 --- a/lxd/networks_utils.go +++ b/lxd/networks_utils.go @@ -681,7 +681,7 @@ func networkKillDnsmasq(name string, reload bool) error { // Check if it's dnsmasq cmdPath, err := os.Readlink(fmt.Sprintf("/proc/%s/exe", pid)) if err != nil { - return err + cmdPath = "" } // Deal with deleted paths ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes and minor improvements
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3474 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 57c675067fc5df825c9c5d7b2bd0a203a19b3f03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 30 Jun 2017 15:44:47 -0400 Subject: [PATCH 1/3] lxc/config: Removal of multiple devices at once MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Launchpad: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1690299 Signed-off-by: Stéphane Graber --- lxc/config.go | 26 ++ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/lxc/config.go b/lxc/config.go index f9b26642c..6bc2fd06d 100644 --- a/lxc/config.go +++ b/lxc/config.go @@ -99,7 +99,7 @@ lxc config device list [:] lxc config device show [:] Show full device details for container. -lxc config device remove [:] +lxc config device remove [:] ... Remove device from container. *Client trust store management* @@ -993,19 +993,19 @@ func (c *configCmd) deviceRm(conf *config.Config, which string, args []string) e return err } - devname := args[3] - if which == "profile" { profile, etag, err := client.GetProfile(name) if err != nil { return err } - _, ok := profile.Devices[devname] - if !ok { - return fmt.Errorf(i18n.G("The device doesn't exist")) + for _, devname := range args[3:] { + _, ok := profile.Devices[devname] + if !ok { + return fmt.Errorf(i18n.G("The device doesn't exist")) + } + delete(profile.Devices, devname) } - delete(profile.Devices, devname) err = client.UpdateProfile(name, profile.Writable(), etag) if err != nil { @@ -1017,11 +1017,13 @@ func (c *configCmd) deviceRm(conf *config.Config, which string, args []string) e return err } - _, ok := container.Devices[devname] - if !ok { - return fmt.Errorf(i18n.G("The device doesn't exist")) + for _, devname := range args[3:] { + _, ok := container.Devices[devname] + if !ok { + return fmt.Errorf(i18n.G("The device doesn't exist")) + } + delete(container.Devices, devname) } - delete(container.Devices, devname) op, err := client.UpdateContainer(name, container.Writable(), etag) if err != nil { @@ -1034,7 +1036,7 @@ func (c *configCmd) deviceRm(conf *config.Config, which string, args []string) e } } - fmt.Printf(i18n.G("Device %s removed from %s")+"\n", devname, name) + fmt.Printf(i18n.G("Device %s removed from %s")+"\n", strings.Join(args[3:], ", "), name) return nil } From 083c5b2a8ad4c70f8a1769d7a902001bd9a7dd39 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 30 Jun 2017 17:02:21 -0400 Subject: [PATCH 2/3] client: Commonize error handling MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Some functions that were doing direct HTTP queries weren't using the centralized error handling and would lead to low level errors being reported to the user rather than the more useful higher level errors. Signed-off-by: Stéphane Graber --- client/lxd.go| 50 ++-- client/lxd_containers.go | 15 +++ client/lxd_images.go | 23 ++ 3 files changed, 44 insertions(+), 44 deletions(-) diff --git a/client/lxd.go b/client/lxd.go index 742ad2fc6..a6e071308 100644 --- a/client/lxd.go +++ b/client/lxd.go @@ -74,6 +74,32 @@ func (r *ProtocolLXD) RawWebsocket(path string) (*websocket.Conn, error) { } // Internal functions +func (r *ProtocolLXD) parseResponse(resp *http.Response) (*api.Response, string, error) { + // Get the ETag + etag := resp.Header.Get("ETag") + + // Decode the response + decoder := json.NewDecoder(resp.Body) + response := api.Response{} + + err := decoder.Decode(&response) + if err != nil { + // Check the return value for a cleaner error + if resp.StatusCode != http.StatusOK { + return nil, "", fmt.Errorf("Failed to fetch %s: %s", resp.Request.URL.String(), resp.Status) + } + + return nil, "", err + } + + //
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3467 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 1030ca30a95167de294b6f236dd6f98c270fd511 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 29 Jun 2017 13:00:41 -0400 Subject: [PATCH 1/2] cancel: Fix crash if no canceler is setup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- shared/cancel/canceler.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/shared/cancel/canceler.go b/shared/cancel/canceler.go index 7e8685197..79f60dbf9 100644 --- a/shared/cancel/canceler.go +++ b/shared/cancel/canceler.go @@ -34,7 +34,7 @@ func CancelableDownload(c *Canceler, client *http.Client, req *http.Request) (*h } select { - case <-c.chCancel: + case <-chCancel: if transport, ok := client.Transport.(*http.Transport); ok { transport.CancelRequest(req) } From a5c78fe94294d398cadc3524a5209cb013ad1277 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 29 Jun 2017 13:19:10 -0400 Subject: [PATCH 2/2] Make deprecation warnings visible in godoc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #3466 Signed-off-by: Stéphane Graber --- client.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/client.go b/client.go index 8353335a0..174540ebe 100644 --- a/client.go +++ b/client.go @@ -1,8 +1,7 @@ -package lxd - // DEPRECATED: This package is now deprecated in favor of github.com/lxc/lxd/client // // This package will be entirely removed from the code tree with LXD 2.16 +package lxd import ( "bytes" ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3458 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 93a2e101ef282c849030f6ca411f651b0cd00766 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 27 Jun 2017 13:59:46 -0400 Subject: [PATCH 1/2] tests: Don't attempt to finger public remotes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/suites/remote.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/test/suites/remote.sh b/test/suites/remote.sh index fd9a92446..d53ee123e 100644 --- a/test/suites/remote.sh +++ b/test/suites/remote.sh @@ -17,7 +17,6 @@ test_remote_url() { for url in ${urls}; do lxc_remote remote add test "${url}" -lxc_remote finger test: lxc_remote remote remove test done } From c469b049b269a49dccfe0b15c60b85dd64baf1bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 27 Jun 2017 15:01:14 -0400 Subject: [PATCH 2/2] client: Fix non-interactive exec hangs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When in a non-interactive exec case with an active stdin, we shouldn't wait for stdin to be done before closing the rest of the connections as stdin needs to be closed separately. Signed-off-by: Stéphane Graber --- client/lxd_containers.go | 19 ++- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/client/lxd_containers.go b/client/lxd_containers.go index af16cf51d..c3786914b 100644 --- a/client/lxd_containers.go +++ b/client/lxd_containers.go @@ -396,10 +396,14 @@ func (r *ProtocolLXD) ExecContainer(containerName string, exec api.ContainerExec close(args.DataDone) } }() + } else { + if args.DataDone != nil { + close(args.DataDone) + } } } else { // Handle non-interactive sessions - dones := []chan bool{} + dones := map[int]chan bool{} conns := []*websocket.Conn{} // Handle stdin @@ -410,7 +414,7 @@ func (r *ProtocolLXD) ExecContainer(containerName string, exec api.ContainerExec } conns = append(conns, conn) - dones = append(dones, shared.WebsocketSendStream(conn, args.Stdin, -1)) + dones[0] = shared.WebsocketSendStream(conn, args.Stdin, -1) } // Handle stdout @@ -421,7 +425,7 @@ func (r *ProtocolLXD) ExecContainer(containerName string, exec api.ContainerExec } conns = append(conns, conn) - dones = append(dones, shared.WebsocketRecvStream(args.Stdout, conn)) + dones[1] = shared.WebsocketRecvStream(args.Stdout, conn) } // Handle stderr @@ -432,12 +436,17 @@ func (r *ProtocolLXD) ExecContainer(containerName string, exec api.ContainerExec } conns = append(conns, conn) - dones = append(dones, shared.WebsocketRecvStream(args.Stderr, conn)) + dones[2] = shared.WebsocketRecvStream(args.Stderr, conn) } // Wait for everything to be done go func() { - for _, chDone := range dones { + for i, chDone := range dones { + // Skip stdin, dealing with it separately below + if i == 0 { + continue + } + <-chDone } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3452 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 0134b50a8afc27d4b304a62e1a1a5c26ccec9d6e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 23 Jun 2017 20:10:18 -0400 Subject: [PATCH 1/2] doc: markdown escaping MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- doc/storage.md | 32 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/doc/storage.md b/doc/storage.md index 5980d8959..3b1924bb3 100644 --- a/doc/storage.md +++ b/doc/storage.md @@ -5,22 +5,22 @@ Volume keys apply to any volume created in the pool unless the value is overridden on a per-volume basis. ## Storage pool configuration -Key | Type | Condition | Default | Description -:-- | :-- | :-- | :-- | :-- -size| string| appropriate driver and source | 0 | Size of the storage pool in bytes (suffixes supported). (Currently valid for loop based pools and zfs.) -source | string| - | - | Path to block device or loop file or filesystem entry -btrfs.mount\_options| string| btrfs driver | user_subvol_rm_allowed | Mount options for block devices -lvm.thinpool\_name | string| lvm driver | LXDPool | Thin pool where images and containers are created. -lvm.use\_thinpool | bool | lvm driver | true| Whether the storage pool uses a thinpool for logical volumes. -lvm.vg\_name| string| lvm driver | name of the pool| Name of the volume group to create. -rsync.bwlimit | string| - | 0 (no limit)| Specifies the upper limit to be placed on the socket I/O whenever rsync has to be used to transfer storage entities. -volume.block.filesystem | string| block based driver (lvm) | ext4| Filesystem to use for new volumes -volume.block.mount\_options | string| block based driver (lvm) | discard | Mount options for block devices -volume.size | string| appropriate driver | 0 | Default volume size -volume.zfs.remove\_snapshots| bool | zfs driver | false | Remove snapshots as needed -volume.zfs.use\_refquota| bool | zfs driver | false | Use refquota instead of quota for space. -zfs.clone\_copy | bool | zfs driver | true| Whether to use ZFS lightweight clones rather than full dataset copies. -zfs.pool\_name | string| zfs driver | name of the pool| Name of the zpool +Key | Type | Condition | Default| Description +:-- | :-- | :-- | :--| :-- +size| string| appropriate driver and source | 0 | Size of the storage pool in bytes (suffixes supported). (Currently valid for loop based pools and zfs.) +source | string| - | - | Path to block device or loop file or filesystem entry +btrfs.mount\_options| string| btrfs driver | user\_subvol\_rm\_allowed | Mount options for block devices +lvm.thinpool\_name | string| lvm driver | LXDPool| Thin pool where images and containers are created. +lvm.use\_thinpool | bool | lvm driver | true | Whether the storage pool uses a thinpool for logical volumes. +lvm.vg\_name| string| lvm driver | name of the pool | Name of the volume group to create. +rsync.bwlimit | string| - | 0 (no limit) | Specifies the upper limit to be placed on the socket I/O whenever rsync has to be used to transfer storage entities. +volume.block.fi
[lxc-devel] [lxd/master] Bugfixes and tweaks to new client library
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3361 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From baf4204563d0095cb08b9cc64e913df4f7099b33 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 26 May 2017 23:11:42 -0400 Subject: [PATCH 1/6] client: Improve error on image copy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- client/lxd_images.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/lxd_images.go b/client/lxd_images.go index 1abf5f7a4..641f000c2 100644 --- a/client/lxd_images.go +++ b/client/lxd_images.go @@ -467,7 +467,7 @@ func (r *ProtocolLXD) tryCopyImage(target ContainerServer, req api.ImagesPost, u } if !success { - rop.err = fmt.Errorf("%s", strings.Join(errors, "\n")) + rop.err = fmt.Errorf("Failed remote image download:\n - %s", strings.Join(errors, "\n - ")) } close(rop.chDone) From 2e43489b4c149a9fef043e40d211e7492af2c4d4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 29 May 2017 16:39:07 -0400 Subject: [PATCH 2/6] client: Add image_create_aliases backward compat MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- client/lxd_images.go | 33 + client/operations.go | 27 +-- client/simplestreams_images.go | 36 +++- 3 files changed, 89 insertions(+), 7 deletions(-) diff --git a/client/lxd_images.go b/client/lxd_images.go index 641f000c2..eb67ee268 100644 --- a/client/lxd_images.go +++ b/client/lxd_images.go @@ -437,6 +437,39 @@ func (r *ProtocolLXD) tryCopyImage(target ContainerServer, req api.ImagesPost, u chDone: make(chan bool), } + // For older servers, apply the aliases after copy + if !target.HasExtension("image_create_aliases") && req.Aliases != nil { + rop.chPost = make(chan bool) + + go func() { + defer close(rop.chPost) + + // Wait for the main operation to finish + <-rop.chDone + if rop.err != nil { + return + } + + // Get the operation data + op, err := rop.GetTarget() + if err != nil { + return + } + + // Extract the fingerprint + fingerprint := op.Metadata["fingerprint"].(string) + + // Add the aliases + for _, entry := range req.Aliases { + alias := api.ImageAliasesPost{} + alias.Name = entry.Name + alias.Target = fingerprint + + target.CreateImageAlias(alias) + } + }() + } + // Forward targetOp to remote op go func() { success := false diff --git a/client/operations.go b/client/operations.go index 6520556cb..ec092644c 100644 --- a/client/operations.go +++ b/client/operations.go @@ -232,15 +232,10 @@ type RemoteOperation struct { handlers []func(api.Operation) chDone chan bool + chPost chan bool errerror } -// Wait lets you wait until the operation reaches a final state -func (op *RemoteOperation) Wait() error { - <-op.chDone - return op.err -} - // AddHandler adds a function to be called whenever an event is received func (op *RemoteOperation) AddHandler(function func(api.Operation)) (*EventTarget, error) { var err error @@ -265,3 +260,23 @@ func (op *RemoteOperation) AddHandler(function func(api.Operation)) (*EventTarge return target, nil } + +// GetTarget returns the target operation +func (op *RemoteOperation) GetTarget() (*api.Operation, error) { + if op.targetOp == nil { + return nil, fmt.Errorf("No associated target operation") + } + + return &op.targetOp.Operation, nil +} + +// Wait lets you wait until the operation reaches a final state +func (op *RemoteOperation) Wait() error { + <-op.chDone + + if op.chPost != nil { + <-op.chPost + } + + return op.err +} diff --git a/client/simplestreams_images.go b/client/simplestreams_images.go index 3d9b7ecef..970c308a0 100644 --- a/client/simplestreams_images.go +++ b/client/simplestreams_images.go @@ -2,8 +2,9 @@ package lxd impo
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3348 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === https://assets-cdn.github.com/assets/frameworks-578ca7f0b9c44dbdb7974b074551a85537e2b4e6c874d48d85c38040adc0dee9.css"; media="all" rel="stylesheet" /> https://assets-cdn.github.com/assets/github-e25664a6025176ef5d82bb6c21b5f4d3e5a515f49a0bc4b423f009a6492af4fc.css"; media="all" rel="stylesheet" /> https://assets-cdn.github.com/assets/site-0047c348443848937ad9891b690c4acb6ee0d96263d91e9b1725194e65869e91.css"; media="all" rel="stylesheet" /> Bugfixes by stgraber · Pull Request #3348 · lxc/lxd · GitHub https://github.com/fluidicon.png"; title="GitHub"> https://avatars1.githubusercontent.com/u/2230599?v=3&s=400"; property="og:image" />https://github.com/lxc/lxd/pull/3348"; property="og:url" /> https://assets-cdn.github.com/";> https://collector.githubapp.com/github-external/browser_event"; name="octolytics-event-url" /> span.labelstyle-0052cc, .linked-labelstyle-0052cc { background-color: #0052cc !important; color: #fff !important;}.labelstyle-0052cc.selected { background-color: #0052cc !important; color: #fff !important;}.label-select-menu .labelstyle-0052cc.selected { background:rgba(0, 82, 204, 0.12) !important; color: #003d99 !important;} span.labelstyle-006b75, .linked-labelstyle-006b75 { background-color: #006b75 !important; color: #fff !important;}.labelstyle-006b75.selected { background-color: #006b75 !important; color: #fff !important;}.label-select-menu .labelstyle-006b75.selected { background:rgba(0, 107, 117, 0.12) !important; color: #008b99 !important;} span.labelstyle-eb6420, .linked-labelstyle-eb6420 { background-color: #eb6420 !important; color: #fff !important;}.labelstyle-eb6420.selected { background-color: #eb6420 !important; color: #fff !important;}.label-select-menu .labelstyle-eb6420.selected { background:rgba(235, 100, 32, 0.12) !important; color: #994114 !important;} span.labelstyle-d9d9d9, .linked-labelstyle-d9d9d9 { background-color: #d9d9d9 !important; color: #33 !important;}.labelstyle-d9d9d9.selected { background-color: #d9d9d9 !important; color: #33 !important;}.label-select-menu .labelstyle-d9d9d9.selected { background:rgba(217, 217, 217, 0.12) !important; color: #99 !important;} span.labelstyle-fbca04, .linked-labelstyle-fbca04 { background-color: #fbca04 !important; color: #332900 !important;}.labelstyle-fbca04.selected { background-color: #fbca04 !important; color: #332900 !important;}.label-select-menu .labelstyle-fbca04.selected { background:rgba(251, 202, 4, 0.12) !important; color: #997b02 !important;} span.labelstyle-009800, .linked-labelstyle-009800 { background-color: #009800 !important; color: #fff !important;}.labelstyle-009800.selected { background-color: #009800 !important; color: #fff !important;}.label-select-menu .labelstyle-009800.selected { background:rgba(0, 152, 0, 0.12) !important; color: #009900 !important;} span.labelstyle-00, .linked-labelstyle-00 { background-color: #00 !important; color: #fff !important;}.labelstyle-00.selected { background-color: #00 !important; color: #fff !important;}.label-select-menu .labelstyle-00.selected { background:rgba(247, 247, 247, 1.0) !important; color: #66 !important;} span.labelstyle-84b6eb, .linked-labelstyle-84b6eb { background-color: #84b6eb !important; color: #1c2733 !important;}.labelstyle-84b6eb.selected { background-color: #84b6eb !important; color: #1c2733 !important;}.label-select-menu .labelstyle-84b6eb.selected { background:rgba(132, 182, 235, 0.12) !important; color: #557699 !important;} span.labelstyle-5319e7, .linked-labelstyle-5319e7 { background-color: #5319e7 !important; color: #fff !important;}.labelstyle-5319e7.selected { background-color: #5319e7 !important; color: #fff !important;}.label-select-menu .labelstyle-5319e7.selected { background:rgba(83, 25, 231, 0.12) !important; color: #361099 !important;} span.labelstyle-d4c5f9, .linked-labelstyle-d4c5f9 { background-color: #d4c5f9 !important; color: #2b2833 !important;}.labelstyle-d4c5f9.selected { background-color: #d4c5f9 !important; color: #2b2833 !important;}.label-select-menu .labelstyle-d4c5f9.selected { background:rgba(212, 197, 249, 0.12) !important; color: #827999 !important;} span.labelstyle-e11d21, .linked-labelstyle-e11d21 { background-color: #e11d21 !important; color: #fff !important;}.labelstyle-e11d21.selected { background-color: #e11d21 !important; color: #fff !important;}.label-select-menu .labelstyle-e11d21.selected { backgrou
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3342 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 4f72309199beee7e3cb1f95f6e1beecb7b03258d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 23 May 2017 22:52:53 -0400 Subject: [PATCH 1/5] lxc: Fix obscure error on missing object name MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #3230 Signed-off-by: Stéphane Graber --- lxc/network.go | 4 lxc/storage.go | 4 2 files changed, 8 insertions(+) diff --git a/lxc/network.go b/lxc/network.go index 0fdea242e..be0dfcd58 100644 --- a/lxc/network.go +++ b/lxc/network.go @@ -504,6 +504,10 @@ func (c *networkCmd) doNetworkSet(client *lxd.Client, name string, args []string } func (c *networkCmd) doNetworkShow(client *lxd.Client, name string) error { + if name == "" { + return errArgs + } + network, err := client.NetworkGet(name) if err != nil { return err diff --git a/lxc/storage.go b/lxc/storage.go index 50bcc2a95..abd34efc7 100644 --- a/lxc/storage.go +++ b/lxc/storage.go @@ -649,6 +649,10 @@ func (c *storageCmd) doStoragePoolSet(client *lxd.Client, name string, args []st } func (c *storageCmd) doStoragePoolShow(client *lxd.Client, name string) error { + if name == "" { + return errArgs + } + pool, err := client.StoragePoolGet(name) if err != nil { return err From 877744a1074985c5fa2f5954f95f2e71f72a7c3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 23 May 2017 23:22:56 -0400 Subject: [PATCH 2/5] lxd/containers: fillNetworkDevice is only for nic MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 32b37a5db..db1a8536e 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -5960,15 +5960,15 @@ func (c *containerLXC) removeNetworkFilter(hwaddr string, bridge string) error { func (c *containerLXC) removeNetworkFilters() error { for k, m := range c.expandedDevices { + if m["type"] != "nic" || m["nictype"] != "bridged" { + continue + } + m, err := c.fillNetworkDevice(k, m) if err != nil { return err } - if m["type"] != "nic" || m["nictype"] != "bridged" { - continue - } - err = c.removeNetworkFilter(m["hwaddr"], m["parent"]) if err != nil { return err From 85a9930418eee961be4cd5b6e8d74b777a89c56e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 23 May 2017 23:58:24 -0400 Subject: [PATCH 3/5] lxd/containers: Also clear the host_name volatile MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index db1a8536e..22c56f432 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -1868,8 +1868,8 @@ func (c *containerLXC) startCommon() (string, error) { continue } - // The only device keys we care about are name and hwaddr - if !shared.StringInSlice(fields[2], []string{"name", "hwaddr"}) { + // The only device keys we care about are name, hwaddr and host_name + if !shared.StringInSlice(fields[2], []string{"name", "hwaddr", "host_name"}) { continue } From 7e573af57ba31a377fbc1c37fdd7a471b7c3f74b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 23 May 2017 23:59:39 -0400 Subject: [PATCH 4/5] lxd/containers: Cleanup volatile keys on update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #3231 Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 90 1 file changed, 42 insertions(+), 48 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 22c56f432..3042a1471 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -1847,51 +1847,6 @@ func (c *containerLXC) startCommon() (string, error) { return "", err } - // Cleanup any leftover volatile entries - netNames := []string{} - for _, k := range c.expandedDevices.DeviceNames()
[lxc-devel] [lxd/master] bugfixes from stgraber
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3297 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === I have no idea what Github just did with @stgraber's branch, but whatever. Opening here again with `maki18n` on top. https://assets-cdn.github.com/assets/frameworks-81a59bf26d881d29286674f6deefe779c444382fff322085b50ba455460ccae5.css"; media="all" rel="stylesheet" /> https://assets-cdn.github.com/assets/github-64951a579f72746470cd6d8d29a3170eb697f3b1e3a7472c5787af321ad3cfc9.css"; media="all" rel="stylesheet" /> https://assets-cdn.github.com/assets/site-7d9c6bd23286465361abfa183deb8a05eabb77438ab42033e8230c0c0768d539.css"; media="all" rel="stylesheet" /> bugfixes from stgraber by brauner · Pull Request #3297 · lxc/lxd · GitHub https://github.com/fluidicon.png"; title="GitHub"> https://avatars3.githubusercontent.com/u/7353573?v=3&s=400"; property="og:image" />https://github.com/lxc/lxd/pull/3297"; property="og:url" /> https://assets-cdn.github.com/";> https://collector.githubapp.com/github-external/browser_event"; name="octolytics-event-url" /> span.labelstyle-0052cc, .linked-labelstyle-0052cc { background-color: #0052cc !important; color: #fff !important;}.labelstyle-0052cc.selected { background-color: #0052cc !important; color: #fff !important;}.label-select-menu .labelstyle-0052cc.selected { background:rgba(0, 82, 204, 0.12) !important; color: #003d99 !important;} span.labelstyle-006b75, .linked-labelstyle-006b75 { background-color: #006b75 !important; color: #fff !important;}.labelstyle-006b75.selected { background-color: #006b75 !important; color: #fff !important;}.label-select-menu .labelstyle-006b75.selected { background:rgba(0, 107, 117, 0.12) !important; color: #008b99 !important;} span.labelstyle-eb6420, .linked-labelstyle-eb6420 { background-color: #eb6420 !important; color: #fff !important;}.labelstyle-eb6420.selected { background-color: #eb6420 !important; color: #fff !important;}.label-select-menu .labelstyle-eb6420.selected { background:rgba(235, 100, 32, 0.12) !important; color: #994114 !important;} span.labelstyle-d9d9d9, .linked-labelstyle-d9d9d9 { background-color: #d9d9d9 !important; color: #33 !important;}.labelstyle-d9d9d9.selected { background-color: #d9d9d9 !important; color: #33 !important;}.label-select-menu .labelstyle-d9d9d9.selected { background:rgba(217, 217, 217, 0.12) !important; color: #99 !important;} span.labelstyle-fbca04, .linked-labelstyle-fbca04 { background-color: #fbca04 !important; color: #332900 !important;}.labelstyle-fbca04.selected { background-color: #fbca04 !important; color: #332900 !important;}.label-select-menu .labelstyle-fbca04.selected { background:rgba(251, 202, 4, 0.12) !important; color: #997b02 !important;} span.labelstyle-009800, .linked-labelstyle-009800 { background-color: #009800 !important; color: #fff !important;}.labelstyle-009800.selected { background-color: #009800 !important; color: #fff !important;}.label-select-menu .labelstyle-009800.selected { background:rgba(0, 152, 0, 0.12) !important; color: #009900 !important;} span.labelstyle-00, .linked-labelstyle-00 { background-color: #00 !important; color: #fff !important;}.labelstyle-00.selected { background-color: #00 !important; color: #fff !important;}.label-select-menu .labelstyle-00.selected { background:rgba(247, 247, 247, 1.0) !important; color: #66 !important;} span.labelstyle-84b6eb, .linked-labelstyle-84b6eb { background-color: #84b6eb !important; color: #1c2733 !important;}.labelstyle-84b6eb.selected { background-color: #84b6eb !important; color: #1c2733 !important;}.label-select-menu .labelstyle-84b6eb.selected { background:rgba(132, 182, 235, 0.12) !important; color: #557699 !important;} span.labelstyle-5319e7, .linked-labelstyle-5319e7 { background-color: #5319e7 !important; color: #fff !important;}.labelstyle-5319e7.selected { background-color: #5319e7 !important; color: #fff !important;}.label-select-menu .labelstyle-5319e7.selected { background:rgba(83, 25, 231, 0.12) !important; color: #361099 !important;} span.labelstyle-d4c5f9, .linked-labelstyle-d4c5f9 { background-color: #d4c5f9 !important; color: #2b2833 !important;}.labelstyle-d4c5f9.selected { background-color: #d4c5f9 !important; color: #2b2833 !important;}.label-select-menu .labelstyle-d4c5f9.selected { background:rgba(212, 197, 249, 0.12) !important; color: #827999 !important;} span.labelstyle-e11d21, .linked-labelstyle-e11d21 { background-color: #e11d21 !important; color: #fff !important;}.labelstyle-e11d21.select
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3296 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 87814639c0197f23ffdb60f64d9a5abb6ca3eee7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 8 May 2017 13:53:46 -0400 Subject: [PATCH 1/4] client: Fill the server fingerprint if missing MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- client/lxd_server.go | 10 ++ 1 file changed, 10 insertions(+) diff --git a/client/lxd_server.go b/client/lxd_server.go index b358e22..2e42f39 100644 --- a/client/lxd_server.go +++ b/client/lxd_server.go @@ -1,6 +1,7 @@ package lxd import ( + "github.com/lxc/lxd/shared" "github.com/lxc/lxd/shared/api" ) @@ -16,6 +17,15 @@ func (r *ProtocolLXD) GetServer() (*api.Server, string, error) { return nil, "", err } + // Fill in certificate fingerprint if not provided + if server.Environment.CertificateFingerprint == "" && server.Environment.Certificate != "" { + var err error + server.Environment.CertificateFingerprint, err = shared.CertFingerprintStr(server.Environment.Certificate) + if err != nil { + return nil, "", err + } + } + // Add the value to the cache r.server = &server From 3cd7b77397e752a8e4e67ca567ec630aee0dbe99 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 8 May 2017 13:54:00 -0400 Subject: [PATCH 2/4] lxc/remote: Show the fingerprint as string not hex MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #3293 Signed-off-by: Stéphane Graber --- lxc/remote.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxc/remote.go b/lxc/remote.go index 1050721..d9b04ed 100644 --- a/lxc/remote.go +++ b/lxc/remote.go @@ -229,7 +229,7 @@ func (c *remoteCmd) addServer(config *lxd.Config, server string, addr string, ac if !acceptCert { digest := shared.CertFingerprint(certificate) - fmt.Printf(i18n.G("Certificate fingerprint: %x")+"\n", digest) + fmt.Printf(i18n.G("Certificate fingerprint: %s")+"\n", digest) fmt.Printf(i18n.G("ok (y/n)?") + " ") line, err := shared.ReadStdin() if err != nil { From f23cbadf0a002cd42ed1301a7f97af3388623498 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 8 May 2017 14:00:50 -0400 Subject: [PATCH 3/4] daemon: Set ServerFingerprint MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We somehow forgot to do that a long time ago. Our client has always been computing it itself instead, lets just set it to save some hashing time on the client side. Signed-off-by: Stéphane Graber --- lxd/api_1.0.go | 28 +--- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/lxd/api_1.0.go b/lxd/api_1.0.go index 31ed765..3e9c85f 100644 --- a/lxd/api_1.0.go +++ b/lxd/api_1.0.go @@ -162,8 +162,13 @@ func api10Get(d *Daemon, r *http.Request) Response { } var certificate string + var certificateFingerprint string if len(d.tlsConfig.Certificates) != 0 { certificate = string(pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: d.tlsConfig.Certificates[0].Certificate[0]})) + certificateFingerprint, err = shared.CertFingerprintStr(certificate) + if err != nil { + return InternalError(err) + } } architectures := []string{} @@ -177,17 +182,18 @@ func api10Get(d *Daemon, r *http.Request) Response { } env := api.ServerEnvironment{ - Addresses: addresses, - Architectures: architectures, - Certificate:certificate, - Driver: "lxc", - DriverVersion: lxc.Version(), - Kernel: kernel, - KernelArchitecture: kernelArchitecture, - KernelVersion: kernelVersion, - Server: "lxd", - ServerPid: os.Getpid(), - ServerVersion: version.Version} + Addresses: addresses, + Architectures: architectures, + Certificate:certificate, + CertificateFingerprint: certificateFingerprint, + Driver: "lxc", + DriverVersion: lxc.Version(), + Kernel:
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3249 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 3a551bf31c922e49538bf36e750f516184d5deec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 28 Apr 2017 12:48:18 -0400 Subject: [PATCH 1/8] Fix typos MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- client/operations.go | 2 +- lxd/container_exec.go | 2 +- lxd/patches.go| 2 +- lxd/storage_btrfs.go | 6 ++ test/README.md| 2 +- 5 files changed, 6 insertions(+), 8 deletions(-) diff --git a/client/operations.go b/client/operations.go index cd958fb..7f381a0 100644 --- a/client/operations.go +++ b/client/operations.go @@ -147,7 +147,7 @@ func (op *Operation) setupListener() error { return } - // We don't want concurency while processing events + // We don't want concurrency while processing events op.listenerLock.Lock() defer op.listenerLock.Unlock() diff --git a/lxd/container_exec.go b/lxd/container_exec.go index 98d4a31..9c43590 100644 --- a/lxd/container_exec.go +++ b/lxd/container_exec.go @@ -171,7 +171,7 @@ func (s *execWs) Do(op *operation) error { break } - // If an abnormal closure occured, kill the attached process. + // If an abnormal closure occurred, kill the attached process. err := syscall.Kill(attachedChildPid, syscall.SIGKILL) if err != nil { logger.Debugf("Failed to send SIGKILL to pid %d.", attachedChildPid) diff --git a/lxd/patches.go b/lxd/patches.go index 23dfa7c..2dfa6f4 100644 --- a/lxd/patches.go +++ b/lxd/patches.go @@ -1236,7 +1236,7 @@ func upgradeFromStorageTypeLvm(name string, d *Daemon, defaultPoolName string, d newSnapshotsPath := getSnapshotMountPoint(defaultPoolName, ct) if shared.PathExists(snapshotsPath) { // On a broken update snapshotsPath will contain - // emtpy directories that need to be removed. + // empty directories that need to be removed. err := os.RemoveAll(snapshotsPath) if err != nil { return err diff --git a/lxd/storage_btrfs.go b/lxd/storage_btrfs.go index 15ff9c3..56f2d25 100644 --- a/lxd/storage_btrfs.go +++ b/lxd/storage_btrfs.go @@ -757,8 +757,7 @@ func (s *storageBtrfs) copyContainer(target container, source container) error { targetContainerSubvolumeName := getContainerMountPoint(s.pool.Name, target.Name()) containersPath := getContainerMountPoint(s.pool.Name, "") - // Ensure that the directories immediately preceeding the - // subvolume directory exist. + // Ensure that the directories immediately preceding the subvolume directory exist. if !shared.PathExists(containersPath) { err := os.MkdirAll(containersPath, 0700) if err != nil { @@ -805,8 +804,7 @@ func (s *storageBtrfs) copySnapshot(target container, source container) error { return err } - // Ensure that the directories immediately preceeding the - // subvolume directory exist. + // Ensure that the directories immediately preceding the subvolume directory exist. if !shared.PathExists(containersPath) { err := os.MkdirAll(containersPath, 0700) if err != nil { diff --git a/test/README.md b/test/README.md index 3c543b6..5d0e285 100644 --- a/test/README.md +++ b/test/README.md @@ -13,7 +13,7 @@ To run only the integration tests, run from the test directory: Name| Default | Description :-- | :--- | :-- LXD\_BACKEND| dir | What backend to test against (btrfs, dir, lvm, zfs, or random) -LXD\_CONCURRENT | 0 | Run concurency tests, very CPU intensive +LXD\_CONCURRENT | 0 | Run concurrency tests, very CPU intensive LXD\_DEBUG | 0 | Run lxd, lxc and the shell in debug mode (very verbose) LXD\_INSPECT| 0 | Don't teardown the test environment on failure LXD\_LOGS
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3238 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 90e83cf7144b62ce84d2ee3fa46afb34ee39b515 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 27 Apr 2017 14:06:05 -0400 Subject: [PATCH 1/2] Use networkSysctl when possible MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 0f2d935..f638220 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -5656,9 +5656,7 @@ func (c *containerLXC) createNetworkDevice(name string, m types.Device) (string, } // Attempt to disable IPv6 on the host side interface - if shared.PathExists(fmt.Sprintf("/proc/sys/net/ipv6/conf/%s/disable_ipv6", n1)) { - ioutil.WriteFile(fmt.Sprintf("/proc/sys/net/ipv6/conf/%s/disable_ipv6", n1), []byte("1"), 0644) - } + networkSysctl(fmt.Sprintf("ipv6/conf/%s/disable_ipv6", n1), "1") } dev = n2 From 936fddf3fd4ba6e0f458d0f756c2a40e9dfe9328 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 27 Apr 2017 14:08:47 -0400 Subject: [PATCH 2/2] Disable IPv6 on created macvlan parents MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This avoids the host accidentally getting IPv6 addresses on those. Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 6 ++ 1 file changed, 6 insertions(+) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index f638220..406368c 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -1784,6 +1784,9 @@ func (c *containerLXC) startCommon() (string, error) { if err != nil { return "", err } + + // Attempt to disable IPv6 on the host side interface + networkSysctl(fmt.Sprintf("ipv6/conf/%s/disable_ipv6", device), "1") } } } @@ -5678,6 +5681,9 @@ func (c *containerLXC) createNetworkDevice(name string, m types.Device) (string, if err != nil { return "", err } + + // Attempt to disable IPv6 on the host side interface + networkSysctl(fmt.Sprintf("ipv6/conf/%s/disable_ipv6", device), "1") } } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3236 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From b6070ce3dd6670f62739b8768c8d9f97b33599de Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 27 Apr 2017 11:44:22 -0400 Subject: [PATCH 1/3] tests: Remove invalid test for Jenkins MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Jenkins does set LXD_BACKEND Signed-off-by: Stéphane Graber --- test/main.sh | 11 ++- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/test/main.sh b/test/main.sh index 90125a7..8738ec3 100755 --- a/test/main.sh +++ b/test/main.sh @@ -54,16 +54,9 @@ for backend_sh in backends/*.sh; do . "${backend_sh}" done +# Set default backend to dir if [ -z "${LXD_BACKEND:-}" ]; then - -# XXX The Jenkins lxd-github-pull-test job sets "backend" as environment -# variable as opposed to LXD_BACKEND, so we want to honor that. This -# should probably be fixed in the Jenkins configuration. -if [ -n "${JENKINS_URL:-}" ] && [ -n "${backend:-}" ]; then - LXD_BACKEND="${backend}" -else - LXD_BACKEND=dir -fi +LXD_BACKEND=dir fi echo "==> Using storage backend ${LXD_BACKEND}" From 4491abae06751fcdbdfd5ffa84f9d373b5b77410 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 26 Apr 2017 20:44:08 -0400 Subject: [PATCH 2/3] client: Allow passing custom headers MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is required for custom image uploads. Signed-off-by: Stéphane Graber --- client/lxd.go | 25 ++--- client/lxd_certificates.go| 6 +++--- client/lxd_containers.go | 4 ++-- client/lxd_images.go | 10 +- client/lxd_networks.go| 8 client/lxd_operations.go | 2 +- client/lxd_profiles.go| 8 client/lxd_server.go | 2 +- client/lxd_storage_pools.go | 6 +++--- client/lxd_storage_volumes.go | 6 +++--- 10 files changed, 44 insertions(+), 33 deletions(-) diff --git a/client/lxd.go b/client/lxd.go index 8b2f01a..dff7db6 100644 --- a/client/lxd.go +++ b/client/lxd.go @@ -34,7 +34,7 @@ func (r *ProtocolLXD) RawQuery(method string, path string, data interface{}, ETa // Generate the URL url := fmt.Sprintf("%s%s", r.httpHost, path) - return r.rawQuery(method, url, data, ETag) + return r.rawQuery(method, url, data, ETag, nil) } // RawWebsocket allows directly connection to LXD API websockets @@ -48,7 +48,7 @@ func (r *ProtocolLXD) RawWebsocket(path string) (*websocket.Conn, error) { } // Internal functions -func (r *ProtocolLXD) rawQuery(method string, url string, data interface{}, ETag string) (*api.Response, string, error) { +func (r *ProtocolLXD) rawQuery(method string, url string, data interface{}, ETag string, headers map[string]string) (*api.Response, string, error) { var req *http.Request var err error @@ -99,6 +99,13 @@ func (r *ProtocolLXD) rawQuery(method string, url string, data interface{}, ETag req.Header.Set("If-Match", ETag) } + // Set the custom headers + if headers != nil { + for k, v := range headers { + req.Header.Set(k, v) + } + } + // Send the request resp, err := r.http.Do(req) if err != nil { @@ -131,15 +138,15 @@ func (r *ProtocolLXD) rawQuery(method string, url string, data interface{}, ETag return &response, etag, nil } -func (r *ProtocolLXD) query(method string, path string, data interface{}, ETag string) (*api.Response, string, error) { +func (r *ProtocolLXD) query(method string, path string, data interface{}, ETag string, headers map[string]string) (*api.Response, string, error) { // Generate the URL url := fmt.Sprintf("%s/1.0%s", r.httpHost, path) - return r.rawQuery(method, url, data, ETag) + return r.rawQuery(method, url, data, ETag, headers) } func (r *ProtocolLXD) queryStruct(method string, path string, data interface{}, ETag string, target interface{}) (string, error) { - resp, etag, err := r.query(method, path, data, ETag) + resp, etag, err := r.query(method, path, data, ETag, nil) if err != nil { return "", err } @@ -156,9 +163,9 @@ func (r *ProtocolLXD) queryStruct(method string, path string, data interface{}, return etag, nil } -func (r *ProtocolLXD) queryOperation(method string, path string, data interface{}, ETag string) (*Operation, string, error) { +func (r *ProtocolLXD) queryOperationHeaders(method string, path string, data interface{}, ETag string, head
[lxc-devel] [lxd/master] Bugfixes and minor features
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3210 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 9e6be3071eb465510c6196ccc3996d0a1a67d992 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sun, 23 Apr 2017 16:53:13 -0400 Subject: [PATCH 1/2] doc: FIx naming of bwlimit api extension MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- doc/api-extensions.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/api-extensions.md b/doc/api-extensions.md index 7223ec8..8207a52 100644 --- a/doc/api-extensions.md +++ b/doc/api-extensions.md @@ -256,6 +256,6 @@ If "path" is set without "source" and "major/minor" isn't set, we should assume that "source" will be the same as "path". So at least one of them must be set. -## rsync.bwlimit +## storage\_rsync\_bwlimit When rsync has to be invoked to transfer storage entities setting rsync.bwlimit places an upper limit on the amount of socket I/O allowed. From 5b5484b8ab68423f673bdced9666f97b19523928 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sun, 23 Apr 2017 16:57:29 -0400 Subject: [PATCH 2/2] Allow overriding the VXLAN multicast interface MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- doc/api-extensions.md | 5 + doc/networks.md| 1 + lxd/api_1.0.go | 1 + lxd/networks.go| 10 +++--- lxd/networks_config.go | 11 ++- 5 files changed, 20 insertions(+), 8 deletions(-) diff --git a/doc/api-extensions.md b/doc/api-extensions.md index 8207a52..8cf17f3 100644 --- a/doc/api-extensions.md +++ b/doc/api-extensions.md @@ -259,3 +259,8 @@ So at least one of them must be set. ## storage\_rsync\_bwlimit When rsync has to be invoked to transfer storage entities setting rsync.bwlimit places an upper limit on the amount of socket I/O allowed. + +## network\_vxlan\_interface +This introduces a new tunnel.NAME.interface option for networks. + +This key control what host network interface is used for a VXLAN tunnel. diff --git a/doc/networks.md b/doc/networks.md index 65aab79..82b846f 100644 --- a/doc/networks.md +++ b/doc/networks.md @@ -33,6 +33,7 @@ tunnel.NAME.remote | string| gre or vxlan | - tunnel.NAME.group | string| vxlan | 239.0.0.1 | Multicast address for vxlan (used if local and remote aren't set) tunnel.NAME.port| integer | vxlan | 0 | Specific port to use for the vxlan tunnel tunnel.NAME.id | integer | vxlan | 0 | Specific tunnel ID to use for the vxlan tunnel +tunnel.NAME.interface | string| vxlan | - | Specific host interface to use for the tunnel ipv4.address| string| standard mode | random unused subnet | IPv4 address for the bridge (CIDR notation). Use "none" to turn off IPv4 or "auto" to generate a new one ipv4.nat| boolean | ipv4 address | false | Whether to NAT (will default to true if unset and a random ipv4.address is generated) ipv4.dhcp | boolean | ipv4 address | true | Whether to allocate addresses using DHCP diff --git a/lxd/api_1.0.go b/lxd/api_1.0.go index 7cd7b5b..bdf7c54 100644 --- a/lxd/api_1.0.go +++ b/lxd/api_1.0.go @@ -103,6 +103,7 @@ func api10Get(d *Daemon, r *http.Request) Response { "unix_device_rename", "storage_lvm_use_thinpool", "storage_rsync_bwlimit", + "network_vxlan_interface", }, APIStatus: "stable", APIVersion: version.APIVersion, diff --git a/lxd/networks.go b/lxd/networks.go index 5e2e1b6..1f54977 100644 --- a/lxd/networks.go +++ b/lxd/networks.go @@ -1068,6 +1068,7 @@ func (n *network) Start() error { cmd = append(cmd, []string{"type", "gretap", "local", tunLocal, "remote", tunRemote}...) } else if tunProtocol == "vxlan" { tunGroup := getConfig("group") + tunInterface := getConfig("interface") // Skip partial configs if tunProtocol == "" { @@ -1083,9 +1084,12 @@ func (n *network) Start() error { tunGroup = "239.0.0.1" } - _, devName, err := networkDefaultGatewaySubnetV4() -
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3200 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 3e44ad4c701505ecd9d1cbf514d4ddcc7aac5fba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 20 Apr 2017 23:10:57 -0400 Subject: [PATCH] Drop leftover debug statement MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/daemon_images.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/daemon_images.go b/lxd/daemon_images.go index 286b1a7..0b285cc 100644 --- a/lxd/daemon_images.go +++ b/lxd/daemon_images.go @@ -463,7 +463,7 @@ func (d *Daemon) ImageDownload(op *operation, server string, protocol string, ce // Create the database entry err = dbImageInsert(d.db, info.Fingerprint, info.Filename, info.Size, info.Public, info.AutoUpdate, info.Architecture, info.CreatedAt, info.ExpiresAt, info.Properties) if err != nil { - return nil, fmt.Errorf("here: %v: %s", err, info.Fingerprint) + return nil, err } // Image is in the DB now, don't wipe on-disk files on failure ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3151 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 3b57301b9329088f61ebbc873f9bdc85a542e6d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 4 Apr 2017 22:50:19 -0400 Subject: [PATCH 1/2] api: Add the Stateful field to ContainerPut MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go| 2 +- shared/api/container.go | 6 -- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 76bdeff..df710be 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -2503,7 +2503,6 @@ func (c *containerLXC) Render() (interface{}, interface{}, error) { Name:c.name, Status: statusCode.String(), StatusCode: statusCode, - Stateful:c.stateful, } ct.Architecture = architectureName @@ -2513,6 +2512,7 @@ func (c *containerLXC) Render() (interface{}, interface{}, error) { ct.Ephemeral = c.ephemeral ct.LastUsedAt = c.lastUsedDate ct.Profiles = c.profiles + ct.Stateful = c.stateful return &ct, etag, nil } diff --git a/shared/api/container.go b/shared/api/container.go index e81219c..849b9bf 100644 --- a/shared/api/container.go +++ b/shared/api/container.go @@ -34,7 +34,10 @@ type ContainerPut struct { Devices map[string]map[string]string `json:"devices" yaml:"devices"` Ephemeralbool `json:"ephemeral" yaml:"ephemeral"` Profiles []string `json:"profiles" yaml:"profiles"` - Restore string `json:"restore,omitempty" yaml:"restore,omitempty"` + + // For snapshot restore + Restore string `json:"restore,omitempty" yaml:"restore,omitempty"` + Stateful bool `json:"stateful" yaml:"stateful"` } // Container represents a LXD container @@ -45,7 +48,6 @@ type Container struct { ExpandedConfig map[string]string`json:"expanded_config" yaml:"expanded_config"` ExpandedDevices map[string]map[string]string `json:"expanded_devices" yaml:"expanded_devices"` Namestring `json:"name" yaml:"name"` - Statefulbool `json:"stateful" yaml:"stateful"` Status string `json:"status" yaml:"status"` StatusCode StatusCode `json:"status_code" yaml:"status_code"` From 5e2ed6a4055fc3f15895a2b30df2111f83e141bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 4 Apr 2017 00:34:45 -0400 Subject: [PATCH 2/2] config: Fix SaveConfig's DeepCopy call MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxc/config/file.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxc/config/file.go b/lxc/config/file.go index 220f29b..7162774 100644 --- a/lxc/config/file.go +++ b/lxc/config/file.go @@ -45,7 +45,7 @@ func LoadConfig(path string) (*Config, error) { func (c *Config) SaveConfig(path string) error { // Create a new copy for the config file conf := Config{} - err := shared.DeepCopy(c, conf) + err := shared.DeepCopy(c, &conf) if err != nil { return fmt.Errorf("Unable to copy the configuration: %v", err) } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3124 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 380e65ef78c7fce18ec92e7b52eb81715e208776 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 28 Mar 2017 17:04:44 -0400 Subject: [PATCH] operations: Remove useless for loops MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/operations.go | 18 +++--- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/lxd/operations.go b/lxd/operations.go index f285d05..517652b 100644 --- a/lxd/operations.go +++ b/lxd/operations.go @@ -283,23 +283,19 @@ func (op *operation) WaitFinal(timeout int) (bool, error) { // Wait indefinitely if timeout == -1 { - for { - <-op.chanDone - return true, nil - } + <-op.chanDone + return true, nil } // Wait until timeout if timeout > 0 { timer := time.NewTimer(time.Duration(timeout) * time.Second) - for { - select { - case <-op.chanDone: - return false, nil + select { + case <-op.chanDone: + return false, nil - case <-timer.C: - return false, nil - } + case <-timer.C: + return false, nil } } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3113 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 3210ab9b3bef4f8efa26a39b58682382bf1b6f75 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 24 Mar 2017 02:53:05 -0400 Subject: [PATCH 1/2] api: Properly define the image creation source MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/images.go | 24 shared/api/image.go | 20 +++- 2 files changed, 31 insertions(+), 13 deletions(-) diff --git a/lxd/images.go b/lxd/images.go index f869e96..98d7782 100644 --- a/lxd/images.go +++ b/lxd/images.go @@ -224,8 +224,8 @@ type imageMetadata struct { func imgPostContInfo(d *Daemon, r *http.Request, req api.ImagesPost, builddir string) (*api.Image, error) { info := api.Image{} info.Properties = map[string]string{} - name := req.Source["name"] - ctype := req.Source["type"] + name := req.Source.Name + ctype := req.Source.Type if ctype == "" || name == "" { return nil, fmt.Errorf("No source provided") } @@ -330,15 +330,15 @@ func imgPostRemoteInfo(d *Daemon, req api.ImagesPost, op *operation) (*api.Image var err error var hash string - if req.Source["fingerprint"] != "" { - hash = req.Source["fingerprint"] - } else if req.Source["alias"] != "" { - hash = req.Source["alias"] + if req.Source.Fingerprint != "" { + hash = req.Source.Fingerprint + } else if req.Source.Alias != "" { + hash = req.Source.Alias } else { return nil, fmt.Errorf("must specify one of alias or fingerprint for init from image") } - hash, err = d.ImageDownload(op, req.Source["server"], req.Source["protocol"], req.Source["certificate"], req.Source["secret"], hash, false, req.AutoUpdate, "") + hash, err = d.ImageDownload(op, req.Source.Server, req.Source.Protocol, req.Source.Certificate, req.Source.Secret, hash, false, req.AutoUpdate, "") if err != nil { return nil, err } @@ -367,7 +367,7 @@ func imgPostRemoteInfo(d *Daemon, req api.ImagesPost, op *operation) (*api.Image func imgPostURLInfo(d *Daemon, req api.ImagesPost, op *operation) (*api.Image, error) { var err error - if req.Source["url"] == "" { + if req.Source.URL == "" { return nil, fmt.Errorf("Missing URL") } @@ -377,7 +377,7 @@ func imgPostURLInfo(d *Daemon, req api.ImagesPost, op *operation) (*api.Image, e } // Resolve the image URL - head, err := http.NewRequest("HEAD", req.Source["url"], nil) + head, err := http.NewRequest("HEAD", req.Source.URL, nil) if err != nil { return nil, err } @@ -699,7 +699,7 @@ func imagesPost(d *Daemon, r *http.Request) Response { imageUpload = true } - if !imageUpload && !shared.StringInSlice(req.Source["type"], []string{"container", "snapshot", "image", "url"}) { + if !imageUpload && !shared.StringInSlice(req.Source.Type, []string{"container", "snapshot", "image", "url"}) { cleanup(builddir, post) return InternalError(fmt.Errorf("Invalid images JSON")) } @@ -712,13 +712,13 @@ func imagesPost(d *Daemon, r *http.Request) Response { defer cleanup(builddir, post) if !imageUpload { - if req.Source["type"] == "image" { + if req.Source.Type == "image" { /* Processing image copy from remote */ info, err = imgPostRemoteInfo(d, req, op) if err != nil { return err } - } else if req.Source["type"] == "url" { + } else if req.Source.Type == "url" { /* Processing image copy from URL */ info, err = imgPostURLInfo(d, req, op) if err != nil { diff --git a/shared/api/image.go b/shared/api/image.go index 789e887..814c098 100644 --- a/shared/api/image.go +++ b/shared/api/image.go @@ -9,7 +9,7 @@ type ImagesPost struct { ImagePut `yaml:",inline"` Filename string`json:"filename" yaml:"filename"` - Source map[string]string `json:"source" yaml:"source"` + Source *ImagesPostSource `json:"source" yaml:"source"` // API extension: image_compression_algorithm CompressionAlgorithm string `json:"compression_
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3093 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From acbb654e884bd1e7b511e1f25b637cf57d7a9585 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 20 Mar 2017 18:45:29 -0400 Subject: [PATCH 1/2] lxc/copy: Return the source error too MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This will get us rid off the annoying "bad handshake" error. Closes #3086 Signed-off-by: Stéphane Graber --- client.go | 10 +- lxc/copy.go | 9 - 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/client.go b/client.go index a0a1050..520228e 100644 --- a/client.go +++ b/client.go @@ -2225,7 +2225,6 @@ func (c *Client) WaitFor(waitURL string) (*api.Operation, error) { * "//operations/" in it; we chop off the leading / and pass * it to url directly. */ - shared.LogDebugf(path.Join(waitURL[1:], "wait")) resp, err := c.baseGet(c.url(waitURL, "wait")) if err != nil { return nil, err @@ -2234,6 +2233,15 @@ func (c *Client) WaitFor(waitURL string) (*api.Operation, error) { return resp.MetadataAsOperation() } +func (c *Client) GetOperation(url string) (*api.Operation, error) { + resp, err := c.baseGet(c.url(url)) + if err != nil { + return nil, err + } + + return resp.MetadataAsOperation() +} + func (c *Client) WaitForSuccess(waitURL string) error { op, err := c.WaitFor(waitURL) if err != nil { diff --git a/lxc/copy.go b/lxc/copy.go index 0e6445d..1ff5dd5 100644 --- a/lxc/copy.go +++ b/lxc/copy.go @@ -245,7 +245,14 @@ func (c *copyCmd) copyContainer(config *lxd.Config, sourceResource string, destR return nil } - return err + // Check for an error at the source + sourceOp, sourceErr := source.GetOperation(sourceWSResponse.Operation) + if sourceErr == nil && sourceOp.Err != "" { + return fmt.Errorf(i18n.G("Migration failed on source host: %s"), sourceOp.Err) + } + + // Return the error from destination + return fmt.Errorf(i18n.G("Migration failed on target host: %s"), err) } func (c *copyCmd) run(config *lxd.Config, args []string) error { From 3551211753dcd197a3771aae33eb0e5e34b4fc2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 20 Mar 2017 19:10:23 -0400 Subject: [PATCH 2/2] i18n: Update translation templates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- po/de.po | 12 +++- po/el.po | 12 +++- po/fr.po | 12 +++- po/ja.po | 12 +++- po/lxd.pot | 12 +++- po/nl.po | 12 +++- po/ru.po | 12 +++- 7 files changed, 77 insertions(+), 7 deletions(-) diff --git a/po/de.po b/po/de.po index 2ee7c74..96bcfaa 100644 --- a/po/de.po +++ b/po/de.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: LXD\n" "Report-Msgid-Bugs-To: lxc-devel@lists.linuxcontainers.org\n" -"POT-Creation-Date: 2017-03-20 14:50-0400\n" +"POT-Creation-Date: 2017-03-20 19:10-0400\n" "PO-Revision-Date: 2017-02-14 17:11+\n" "Last-Translator: Tim Rose \n" "Language-Team: German
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3091 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 9ec18d41556aec884a571370855ce3cd365b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 20 Mar 2017 13:58:03 -0400 Subject: [PATCH 1/2] init: Better render available storage backends MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/main_init.go | 6 +- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/lxd/main_init.go b/lxd/main_init.go index 1960220..e86d210 100644 --- a/lxd/main_init.go +++ b/lxd/main_init.go @@ -244,11 +244,7 @@ func cmdInit() error { goto askForStorageAgain } - storagePoolDriverChoiceString := backendsAvailable[0] - if len(backendsAvailable) > 1 { - storagePoolDriverChoiceString = strings.Join(backendsAvailable, ",") - } - storageBackend = askChoice(fmt.Sprintf("Name of the storage backend to use (%s) [default=%s]: ", storagePoolDriverChoiceString, defaultStorage), supportedStoragePoolDrivers, defaultStorage) + storageBackend = askChoice(fmt.Sprintf("Name of the storage backend to use (%s) [default=%s]: ", strings.Join(backendsAvailable, ", "), defaultStorage), supportedStoragePoolDrivers, defaultStorage) if !shared.StringInSlice(storageBackend, supportedStoragePoolDrivers) { return fmt.Errorf("The requested backend '%s' isn't supported by lxd init.", storageBackend) From e411eff44a2b9055e3e49f9831e2b76c0cd4f7bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 20 Mar 2017 00:19:29 -0400 Subject: [PATCH 2/2] Don't attempt to live migration on copy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This adds a "live" property to migration request allowing the client to control whether to do a live migration or not, and to turn it off for copies. Closes #3086 Signed-off-by: Stéphane Graber --- client.go | 6 -- doc/api-extensions.md | 4 lxc/copy.go | 8 lxc/move.go | 2 +- lxd/api_1.0.go| 1 + lxd/container_post.go | 31 --- lxd/container_snapshot.go | 2 +- lxd/migrate.go| 4 ++-- shared/api/container.go | 10 -- 9 files changed, 49 insertions(+), 19 deletions(-) diff --git a/client.go b/client.go index 0f2dd5f..a0a1050 100644 --- a/client.go +++ b/client.go @@ -1995,12 +1995,14 @@ func (c *Client) DeleteFile(container string, p string) error { return nil } -func (c *Client) GetMigrationSourceWS(container string) (*api.Response, error) { +func (c *Client) GetMigrationSourceWS(container string, stateful bool) (*api.Response, error) { if c.Remote.Public { return nil, fmt.Errorf("This function isn't supported by public remotes.") } - body := shared.Jmap{"migration": true} + body := shared.Jmap{ + "migration": true, + "live": stateful} url := fmt.Sprintf("containers/%s", container) if shared.IsSnapshot(container) { pieces := strings.SplitN(container, shared.SnapshotDelimiter, 2) diff --git a/doc/api-extensions.md b/doc/api-extensions.md index 702fac9..0b62c51 100644 --- a/doc/api-extensions.md +++ b/doc/api-extensions.md @@ -229,3 +229,7 @@ macvlan parent. ## image\_create\_aliases Adds a new "aliases" field to POST /1.0/images allowing for aliases to be set at image creation/import time. + +## container\_stateless\_copy +This introduces a new "live" attribute in POST /1.0/containers/NAME. +Setting it to false tells LXD not to attempt running state transfer. diff --git a/lxc/copy.go b/lxc/copy.go index 539d616..0e6445d 100644 --- a/lxc/copy.go +++ b/lxc/copy.go @@ -37,7 +37,7 @@ func (c *copyCmd) flags() { gnuflag.BoolVar(&c.ephem, "e", false, i18n.G("Ephemeral container")) } -func (c *copyCmd) copyContainer(config *lxd.Config, sourceResource string, destResource string, keepVolatile bool, ephemeral int) error { +func (c *copyCmd) copyContainer(config *lxd.Config, sourceResource string, destResource string, keepVolatile bool, ephemeral int, stateful bool) error { sourceRemote, sourceName := config.ParseRemoteAndContainer(sourceResource) destRemote, destName := config.ParseRemoteAndContainer(destResource) @@ -178,7 +178,7 @@ func (c *copyCmd) copyContainer(config *lxd.Config, sourceResource string, destR } } -
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3087 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 5a534c56aeb7f8a04b99add88fbbf1a08e52b917 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 17 Mar 2017 16:27:44 +0100 Subject: [PATCH 1/3] api: Update storage.go to cover POST too MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- shared/api/storage.go | 22 +- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/shared/api/storage.go b/shared/api/storage.go index fbb8b99..fac6d85 100644 --- a/shared/api/storage.go +++ b/shared/api/storage.go @@ -1,5 +1,15 @@ package api +// StoragePoolsPost represents the fields of a new LXD storage pool +// +// API extension: storage +type StoragePoolsPost struct { + StoragePoolPut `yaml:",inline"` + + Name string `json:"name" yaml:"name"` + Driver string `json:"driver" yaml:"driver"` +} + // StoragePool represents the fields of a LXD storage pool. // // API extension: storage @@ -18,12 +28,23 @@ type StoragePoolPut struct { Config map[string]string `json:"config" yaml:"config"` } +// StorageVolumesPost represents the fields of a new LXD storage pool volume +// +// API extension: storage +type StorageVolumesPost struct { + StorageVolumePut `yaml:",inline"` + + Name string `json:"name" yaml:"name"` + Type string `json:"type" yaml:"type"` +} + // StorageVolume represents the fields of a LXD storage volume. // // API extension: storage type StorageVolume struct { StorageVolumePut `yaml:",inline"` + Name string `json:"name" yaml:"name"` Type string `json:"type" yaml:"type"` UsedBy []string `json:"used_by" yaml:"used_by"` } @@ -32,7 +53,6 @@ type StorageVolume struct { // // API extension: storage type StorageVolumePut struct { - Name string`json:"name" yaml:"name"` Config map[string]string `json:"config" yaml:"config"` } From 81ef0d62e123ffad519cd5cbff73a6ae3228341c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 17 Mar 2017 16:40:01 +0100 Subject: [PATCH 2/3] storage: Fix container_lxc to match shared/api MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 1 - 1 file changed, 1 deletion(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 4299395..44f3474 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -2837,7 +2837,6 @@ func (c *containerLXC) Rename(newName string) error { // Update the storage volume name in the storage interface. sNew := c.storage.GetStoragePoolVolumeWritable() - sNew.Name = newName c.storage.SetStoragePoolVolumeWritable(&sNew) // Invalidate the go-lxc cache From a15ae9d781d18d1bafac35f5cc06f1aa9a13cf6d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 17 Mar 2017 16:56:53 +0100 Subject: [PATCH 3/3] tests: Fix btrfs detection code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/suites/storage_profiles.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/suites/storage_profiles.sh b/test/suites/storage_profiles.sh index 8e746af..9631b80 100644 --- a/test/suites/storage_profiles.sh +++ b/test/suites/storage_profiles.sh @@ -17,7 +17,7 @@ test_storage_profiles() { fi HAS_BTRFS="dir" -if which zfs >/dev/null 2>&1; then +if which btrfs >/dev/null 2>&1; then HAS_BTRFS="btrfs" fi ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3053 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From f9ca1a74938164f17603b66f30d53801457f7ba5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 9 Mar 2017 20:36:50 -0500 Subject: [PATCH 1/3] lxc: Properly clear transfer stats on error MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxc/image.go | 1 + lxc/launch.go | 6 ++ 2 files changed, 7 insertions(+) diff --git a/lxc/image.go b/lxc/image.go index b996f32..69af5b7 100644 --- a/lxc/image.go +++ b/lxc/image.go @@ -249,6 +249,7 @@ func (c *imageCmd) run(config *lxd.Config, args []string) error { if err == nil { progress.Done(i18n.G("Image copied successfully!")) } + progress.Done("") return err diff --git a/lxc/launch.go b/lxc/launch.go index 2a5b35e..0689706 100644 --- a/lxc/launch.go +++ b/lxc/launch.go @@ -111,11 +111,13 @@ func (c *launchCmd) run(config *lxd.Config, args []string) error { if name == "" { op, err := resp.MetadataAsOperation() if err != nil { + progress.Done("") return fmt.Errorf(i18n.G("didn't get any affected image, container or snapshot from server")) } containers, ok := op.Resources["containers"] if !ok || len(containers) == 0 { + progress.Done("") return fmt.Errorf(i18n.G("didn't get any affected image, container or snapshot from server")) } @@ -123,20 +125,24 @@ func (c *launchCmd) run(config *lxd.Config, args []string) error { toScan := strings.Replace(containers[0], "/", " ", -1) count, err := fmt.Sscanf(toScan, " %s containers %s", &restVersion, &name) if err != nil { + progress.Done("") return err } if count != 2 { + progress.Done("") return fmt.Errorf(i18n.G("bad number of things scanned from image, container or snapshot")) } if restVersion != version.APIVersion { + progress.Done("") return fmt.Errorf(i18n.G("got bad version")) } } fmt.Printf(i18n.G("Creating %s")+"\n", name) if err = d.WaitForSuccess(resp.Operation); err != nil { + progress.Done("") return err } progress.Done("") From c92e29571660d1c1b6793e82609144887d8328c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 9 Mar 2017 20:32:05 -0500 Subject: [PATCH 2/3] zfs: Create a volume entry for re-used images MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/storage_zfs.go | 1 + 1 file changed, 1 insertion(+) diff --git a/lxd/storage_zfs.go b/lxd/storage_zfs.go index c76cc07..1d3cc86 100644 --- a/lxd/storage_zfs.go +++ b/lxd/storage_zfs.go @@ -1296,6 +1296,7 @@ func (s *storageZfs) ImageCreate(fingerprint string) error { } revert = false + subrevert = false return nil } From 1ea0a2064b3628d76e6b6028c938467e50c512bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 9 Mar 2017 14:36:46 -0500 Subject: [PATCH 3/3] shared/simplestreams: Export image file list MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- shared/simplestreams/simplestreams.go | 66 +-- 1 file changed, 47 insertions(+), 19 deletions(-) diff --git a/shared/simplestreams/simplestreams.go b/shared/simplestreams/simplestreams.go index e4251e8..0615fe0 100644 --- a/shared/simplestreams/simplestreams.go +++ b/shared/simplestreams/simplestreams.go @@ -10,6 +10,7 @@ import ( "os" "path/filepath" "sort" + "strconv" "strings" "time" @@ -137,8 +138,10 @@ func (s *SimpleStreamsManifest) ToLXD() ([]api.Image, map[string][][]string) { metaPath := meta.Path metaHash := meta.HashSha256 + metaSize := meta.Size rootfsPath := "" rootfsHash := "" + rootfsSize := int64(0) fields := strings.Split(meta.Path, "/") filename := fields[len(fields)-1] size := meta.S
[lxc-devel] [lxd/master] Bugfixes and image aliases
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3041 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 6f3d99613ec5ff412c83eca6e7c022cb4ac9d2c5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 8 Mar 2017 01:34:21 -0500 Subject: [PATCH 1/4] images: Refactor code a bit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/daemon_images.go | 6 +- lxd/images.go| 212 ++- 2 files changed, 97 insertions(+), 121 deletions(-) diff --git a/lxd/daemon_images.go b/lxd/daemon_images.go index b2bd825..9e9d164 100644 --- a/lxd/daemon_images.go +++ b/lxd/daemon_images.go @@ -371,7 +371,8 @@ func (d *Daemon) ImageDownload(op *operation, server string, protocol string, ce } } - _, err = imageBuildFromInfo(d, info) + // Create the database entry + err = dbImageInsert(d.db, info.Fingerprint, info.Filename, info.Size, info.Public, info.AutoUpdate, info.Architecture, info.CreatedAt, info.ExpiresAt, info.Properties) if err != nil { return "", err } @@ -546,7 +547,8 @@ func (d *Daemon) ImageDownload(op *operation, server string, protocol string, ce } } - _, err = imageBuildFromInfo(d, &info) + // Create the database entry + err = dbImageInsert(d.db, info.Fingerprint, info.Filename, info.Size, info.Public, info.AutoUpdate, info.Architecture, info.CreatedAt, info.ExpiresAt, info.Properties) if err != nil { shared.LogError( "Failed to create image", diff --git a/lxd/images.go b/lxd/images.go index c203289..06ac683 100644 --- a/lxd/images.go +++ b/lxd/images.go @@ -221,27 +221,26 @@ type imageMetadata struct { * This function takes a container or snapshot from the local image server and * exports it as an image. */ -func imgPostContInfo(d *Daemon, r *http.Request, req api.ImagesPost, - builddir string) (info api.Image, err error) { - +func imgPostContInfo(d *Daemon, r *http.Request, req api.ImagesPost, builddir string) (*api.Image, error) { + info := api.Image{} info.Properties = map[string]string{} name := req.Source["name"] ctype := req.Source["type"] if ctype == "" || name == "" { - return info, fmt.Errorf("No source provided") + return nil, fmt.Errorf("No source provided") } switch ctype { case "snapshot": if !shared.IsSnapshot(name) { - return info, fmt.Errorf("Not a snapshot") + return nil, fmt.Errorf("Not a snapshot") } case "container": if shared.IsSnapshot(name) { - return info, fmt.Errorf("This is a snapshot") + return nil, fmt.Errorf("This is a snapshot") } default: - return info, fmt.Errorf("Bad type") + return nil, fmt.Errorf("Bad type") } info.Filename = req.Filename @@ -254,19 +253,19 @@ func imgPostContInfo(d *Daemon, r *http.Request, req api.ImagesPost, c, err := containerLoadByName(d, name) if err != nil { - return info, err + return nil, err } // Build the actual image file tarfile, err := ioutil.TempFile(builddir, "lxd_build_tar_") if err != nil { - return info, err + return nil, err } defer os.Remove(tarfile.Name()) if err := c.Export(tarfile, req.Properties); err != nil { tarfile.Close() - return info, err + return nil, err } tarfile.Close() @@ -282,7 +281,7 @@ func imgPostContInfo(d *Daemon, r *http.Request, req api.ImagesPost, if compress != "none" { compressedPath, err = compressFile(tarfile.Name(), compress) if err != nil { - return info, err + return nil, err } } else { compressedPath = tarfile.Name() @@ -292,34 +291,42 @@ func imgPostContInfo(d *Daemon, r *http.Request, req api.ImagesPost, sha256 := sha256.New() tarf, err := os.Open(compressedPath) if err != nil { - return info, err + return nil, err } + info.Size, err = io.Copy(sha256, tarf) tarf.Close() if err != nil { - return info, err + return nil, err } + info.Fingerprint = fmt.Sprintf("%x", sha256
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3035 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 670bc354f55bfff51df687a06ee10c737434fcbf Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Tue, 7 Mar 2017 12:44:44 +0100 Subject: [PATCH 1/3] lvm: dumb down functions from methods to functions This way we can call them from other places as well. Closes #3026. Signed-off-by: Christian Brauner --- lxd/storage_lvm.go | 137 ++--- 1 file changed, 79 insertions(+), 58 deletions(-) diff --git a/lxd/storage_lvm.go b/lxd/storage_lvm.go index 2f3e364..89a245a 100644 --- a/lxd/storage_lvm.go +++ b/lxd/storage_lvm.go @@ -391,8 +391,8 @@ func versionSplit(versionString string) (int, int, int, error) { return maj, min, inc, nil } -func (s *storageLvm) lvmVersionIsAtLeast(versionString string) (bool, error) { - lvmVersion := strings.Split(s.sTypeVersion, "/")[0] +func lvmVersionIsAtLeast(sTypeVersion string, versionString string) (bool, error) { + lvmVersion := strings.Split(sTypeVersion, "/")[0] lvmMaj, lvmMin, lvmInc, err := versionSplit(lvmVersion) if err != nil { @@ -716,7 +716,12 @@ func (s *storageLvm) StoragePoolVolumeCreate() error { return err } - err = s.createThinLV(poolName, thinPoolName, s.volume.Name, lvFsType, lvSize, volumeType) + err = lvmCreateThinpool(s.d, s.sTypeVersion, poolName, thinPoolName, lvFsType) + if err != nil { + return err + } + + err = lvmCreateThinLV(poolName, thinPoolName, s.volume.Name, lvFsType, lvSize, volumeType) if err != nil { shared.LogErrorf("LVMCreateThinLV: %s.", err) return fmt.Errorf("Error Creating LVM LV for new image: %v", err) @@ -1028,7 +1033,12 @@ func (s *storageLvm) ContainerCreate(container container) error { } poolName := s.getOnDiskPoolName() - err = s.createThinLV(poolName, thinPoolName, containerLvmName, lvFsType, lvSize, storagePoolVolumeApiEndpointContainers) + err = lvmCreateThinpool(s.d, s.sTypeVersion, poolName, thinPoolName, lvFsType) + if err != nil { + return err + } + + err = lvmCreateThinLV(poolName, thinPoolName, containerLvmName, lvFsType, lvSize, storagePoolVolumeApiEndpointContainers) if err != nil { return err } @@ -1741,7 +1751,12 @@ func (s *storageLvm) ImageCreate(fingerprint string) error { } }() - err = s.createThinLV(poolName, thinPoolName, fingerprint, lvFsType, lvSize, storagePoolVolumeApiEndpointImages) + err = lvmCreateThinpool(s.d, s.sTypeVersion, poolName, thinPoolName, lvFsType) + if err != nil { + return err + } + + err = lvmCreateThinLV(poolName, thinPoolName, fingerprint, lvFsType, lvSize, storagePoolVolumeApiEndpointImages) if err != nil { shared.LogErrorf("LVMCreateThinLV: %s.", err) return fmt.Errorf("Error Creating LVM LV for new image: %v", err) @@ -1856,25 +1871,72 @@ func (s *storageLvm) ImageUmount(fingerprint string) (bool, error) { return true, nil } -func (s *storageLvm) createThinLV(vgName string, thinPoolName string, lvName string, lvFsType string, lvSize string, volumeType string) error { - exists, err := storageLVMThinpoolExists(vgName, thinPoolName) +func createDefaultThinPool(sTypeVersion string, vgName string, thinPoolName string, lvFsType string) error { + isRecent, err := lvmVersionIsAtLeast(sTypeVersion, "2.02.99") if err != nil { - return err + return fmt.Errorf("Error checking LVM version: %s", err) } - if !exists { - err := s.createDefaultThinPool(vgName, thinPoolName, lvName, lvFsType) - if err != nil { - return err - } + // Create the thin pool + lvmThinPool := fmt.Sprintf("%s/%s", vgName, thinPoolName) + var output string + if isRecent { + output, err = shared.TryRunCommand( + "lvcreate", + "--poolmetadatasize", "1G", + "-l", "100%FREE", + "--thinpool", lvmThinPool) + } else { + output, err = shared.TryRunCommand( + "lvcreate", + "--poolmetadatasize", "1G", + "-L", "1G", + "--thinpool", lvmThinPool) + } + + if err != nil { + shared.LogErrorf("Could not create thin pool \"%s\": %s.", thinPoolName, string(output)) + return fmt.Errorf("Could not create LVM thin pool named %s
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3029 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 9065ae1c38794c1bb48e145aced582379af5f58e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 6 Mar 2017 21:46:48 -0500 Subject: [PATCH] global: Use RunCommand everywhere --- lxd/apparmor.go | 10 ++-- lxd/container_lxc.go | 110 +++ lxd/db_update.go | 5 +- lxd/devices.go | 12 ++--- lxd/images.go| 10 ++-- lxd/main_init.go | 2 +- lxd/networks.go | 61 +++--- lxd/networks_iptables.go | 12 ++--- lxd/networks_utils.go| 15 +++--- lxd/patches.go | 25 + lxd/storage.go | 23 ++--- lxd/storage_btrfs.go | 69 + lxd/storage_dir.go | 5 +- lxd/storage_lvm.go | 88 lxd/storage_shared.go| 5 +- lxd/storage_zfs.go | 130 +++ lxd/util.go | 3 +- shared/util.go | 28 +++--- shared/util_linux.go | 2 +- 19 files changed, 303 insertions(+), 312 deletions(-) diff --git a/lxd/apparmor.go b/lxd/apparmor.go index cd4ac6c..89881a8 100644 --- a/lxd/apparmor.go +++ b/lxd/apparmor.go @@ -6,7 +6,6 @@ import ( "io" "io/ioutil" "os" - "os/exec" "path" "strings" @@ -395,16 +394,15 @@ func runApparmor(command string, c container) error { return nil } - cmd := exec.Command("apparmor_parser", []string{ + output, err := shared.RunCommand("apparmor_parser", []string{ fmt.Sprintf("-%sWL", command), path.Join(aaPath, "cache"), path.Join(aaPath, "profiles", AAProfileShort(c)), }...) - output, err := cmd.CombinedOutput() if err != nil { shared.LogError("Running apparmor", - log.Ctx{"action": command, "output": string(output), "err": err}) + log.Ctx{"action": command, "output": output, "err": err}) } return err @@ -519,7 +517,7 @@ func aaProfile() string { } func aaParserSupports(feature string) bool { - out, err := exec.Command("apparmor_parser", "--version").CombinedOutput() + out, err := shared.RunCommand("apparmor_parser", "--version") if err != nil { return false } @@ -528,7 +526,7 @@ func aaParserSupports(feature string) bool { minor := 0 micro := 0 - _, err = fmt.Sscanf(strings.Split(string(out), "\n")[0], "AppArmor parser version %d.%d.%d", &major, &minor, µ) + _, err = fmt.Sscanf(strings.Split(out, "\n")[0], "AppArmor parser version %d.%d.%d", &major, &minor, µ) if err != nil { return false } diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index efd7c72..9177f77 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -1753,7 +1753,7 @@ func (c *containerLXC) startCommon() (string, error) { if m["nictype"] == "macvlan" && m["vlan"] != "" { device := networkGetHostDevice(m["parent"], m["vlan"]) if !shared.PathExists(fmt.Sprintf("/sys/class/net/%s", device)) { - err := shared.RunCommand("ip", "link", "add", "link", m["parent"], "name", device, "up", "type", "vlan", "id", m["vlan"]) + _, err := shared.RunCommand("ip", "link", "add", "link", m["parent"], "name", device, "up", "type", "vlan", "id", m["vlan"]) if err != nil { return "", err } @@ -1950,16 +1950,16 @@ func (c *containerLXC) Start(stateful bool) error { } // Start the LXC container - out, err := exec.Command( + out, err := shared.RunCommand( execPath, "forkstart", c.name, c.daemon.lxcpath, - configPath).CombinedOutput() + configPath) // Capture debug output - if string(out) != "" { - for _, line := range strings.Split(strings.TrimRight(string(out), "\n"), "\n") { + if out != "" { + for _, line := range strings.Split(strings.TrimRight(out, "\n"), "\n") { shared.LogDebugf("forkstart: %s", line) } } @@ -4170,18 +4170,18 @@ func (c *containerLXC) Migrate(cmd uint, stateDir string, function string, stop configPath := filepath.Join(c.LogPat
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3028 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 8abb1b3a40aa90f6b2be02cab51e3475dc625f50 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 6 Mar 2017 18:31:23 -0500 Subject: [PATCH] shared/idmap: Fix various issues MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Restore our old default map for when no shadow is found - Fix the logic that determines whether a map is valid or not to work with hybrid maps (entries that are listed with Isuid and Isgid both true). Signed-off-by: Stéphane Graber --- shared/idmapset_linux.go | 55 +--- 1 file changed, 43 insertions(+), 12 deletions(-) diff --git a/shared/idmapset_linux.go b/shared/idmapset_linux.go index 85e991f..7a8648a 100644 --- a/shared/idmapset_linux.go +++ b/shared/idmapset_linux.go @@ -7,6 +7,7 @@ import ( "os/exec" "path" "path/filepath" + "reflect" "sort" "strconv" "strings" @@ -106,24 +107,42 @@ func (e *IdmapEntry) Usable() error { return err } - valid := false - for _, kernelRange := range kernelRanges { - if kernelRange.Isuid != e.Isuid { - continue - } + // Validate the uid map + if e.Isuid { + valid := false + for _, kernelRange := range kernelRanges { + if !kernelRange.Isuid { + continue + } - if kernelRange.Isgid != e.Isgid { - continue + if kernelRange.Contains(e.Hostid) && kernelRange.Contains(e.Hostid+e.Maprange-1) { + valid = true + break + } } - if kernelRange.Contains(e.Hostid) && kernelRange.Contains(e.Hostid+e.Maprange-1) { - valid = true - break + if !valid { + return fmt.Errorf("The '%s' map can't work in the current user namespace.", e.ToLxcString()) } } - if !valid { - return fmt.Errorf("The '%s' map can't work in the current user namespace.", e.ToLxcString()) + // Validate the gid map + if e.Isgid { + valid := false + for _, kernelRange := range kernelRanges { + if !kernelRange.Isgid { + continue + } + + if kernelRange.Contains(e.Hostid) && kernelRange.Contains(e.Hostid+e.Maprange-1) { + valid = true + break + } + } + + if !valid { + return fmt.Errorf("The '%s' map can't work in the current user namespace.", e.ToLxcString()) + } } return nil @@ -683,6 +702,18 @@ func DefaultIdmapSet() (*IdmapSet, error) { return nil, err } + // Special case for when we have the full kernel range + fullKernelRanges := []*IdRange{ + {true, false, int64(0), int64(4294967294)}, + {false, true, int64(0), int64(4294967294)}} + + if reflect.DeepEqual(kernelRanges, fullKernelRanges) { + // Hardcoded fallback map + e := IdmapEntry{Isuid: true, Isgid: true, Nsid: 0, Hostid: 100, Maprange: 10} + idmapset.Idmap = Extend(idmapset.Idmap, e) + return idmapset, nil + } + // Find a suitable uid range for _, entry := range kernelRanges { // We only care about uids right now ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3025 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From fa8ca6cd7f34776a13d31f55b1bc9c3524616057 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 6 Mar 2017 13:37:46 -0500 Subject: [PATCH 1/2] storage: Harden the btrfs migration code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #3024 Signed-off-by: Stéphane Graber --- lxd/patches.go | 23 --- lxd/storage.go | 1 - 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/lxd/patches.go b/lxd/patches.go index e51443c..421994e 100644 --- a/lxd/patches.go +++ b/lxd/patches.go @@ -381,7 +381,7 @@ func upgradeFromStorageTypeBtrfs(name string, d *Daemon, defaultPoolName string, // mv ${LXD_DIR}/containers/ ${LXD_DIR}/storage-pools// oldContainerMntPoint := shared.VarPath("containers", ct) newContainerMntPoint := getContainerMountPoint(defaultPoolName, ct) - if shared.PathExists(oldContainerMntPoint) { + if shared.PathExists(oldContainerMntPoint) && !shared.PathExists(newContainerMntPoint) { err = os.Rename(oldContainerMntPoint, newContainerMntPoint) if err != nil { return err @@ -451,15 +451,17 @@ func upgradeFromStorageTypeBtrfs(name string, d *Daemon, defaultPoolName string, // readonly snapshots. oldSnapshotMntPoint := shared.VarPath("snapshots", cs) newSnapshotMntPoint := getSnapshotMountPoint(defaultPoolName, cs) - err = btrfsSnapshot(oldSnapshotMntPoint, newSnapshotMntPoint, true) - if err != nil { - return err - } + if shared.PathExists(oldSnapshotMntPoint) && !shared.PathExists(newSnapshotMntPoint) { + err = btrfsSnapshot(oldSnapshotMntPoint, newSnapshotMntPoint, true) + if err != nil { + return err + } - // Delete the old subvolume. - err = btrfsSubVolumesDelete(oldSnapshotMntPoint) - if err != nil { - return err + // Delete the old subvolume. + err = btrfsSubVolumesDelete(oldSnapshotMntPoint) + if err != nil { + return err + } } } @@ -478,7 +480,6 @@ func upgradeFromStorageTypeBtrfs(name string, d *Daemon, defaultPoolName string, } } } - } // Insert storage volumes for images into the database. Images don't @@ -520,7 +521,7 @@ func upgradeFromStorageTypeBtrfs(name string, d *Daemon, defaultPoolName string, oldImageMntPoint := shared.VarPath("images", img+".btrfs") newImageMntPoint := getImageMountPoint(defaultPoolName, img) - if shared.PathExists(oldImageMntPoint) { + if shared.PathExists(oldImageMntPoint) && !shared.PathExists(newImageMntPoint) { err := os.Rename(oldImageMntPoint, newImageMntPoint) if err != nil { return err diff --git a/lxd/storage.go b/lxd/storage.go index 188037c..fb34784 100644 --- a/lxd/storage.go +++ b/lxd/storage.go @@ -480,7 +480,6 @@ func createContainerMountpoint(mountPoint string, mountPointSymlink string, priv if err != nil { return err } - } err = os.Chmod(mountPoint, mode) From 544e129b870d96f5ac70377e996f956bc50731b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 6 Mar 2017 14:56:57 -0500 Subject: [PATCH 2/2] storage: Deal with source not being btrfs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #3024 Signed-off-by: Stéphane Graber --- lxd/patches.go | 48 +--- 1 file changed, 41 insertions(+), 7 deletions(-) diff --git a/lxd/patches.go b/lxd/patches.go index 421994e..0827a2a 100644 --- a/lxd/patches.go +++ b/lxd/patches.go @@ -384,7 +384,24 @@ func upgradeFromStorageTypeBtrfs(name string, d *Daemon, defaultPoolName string, if shared.PathExists(oldContainerMntPoint) && !shared.PathExists(newContainerMntPoint) { err = os.Re
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3015 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From c6dd45a3b16c4bcd39479cc4c467a0f184ac9e3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 4 Mar 2017 01:46:49 -0500 Subject: [PATCH 1/2] rsync: Tweak logging a bit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/rsync.go | 20 ++-- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/lxd/rsync.go b/lxd/rsync.go index f6a5ff5..6f87076 100644 --- a/lxd/rsync.go +++ b/lxd/rsync.go @@ -89,13 +89,14 @@ func rsyncSendSetup(path string) (*exec.Cmd, net.Conn, io.ReadCloser, error) { // directory pointed to by path over the websocket. func RsyncSend(path string, conn *websocket.Conn, readWrapper func(io.ReadCloser) io.ReadCloser) error { cmd, dataSocket, stderr, err := rsyncSendSetup(path) - if dataSocket != nil { - defer dataSocket.Close() - } if err != nil { return err } + if dataSocket != nil { + defer dataSocket.Close() + } + readPipe := io.ReadCloser(dataSocket) if readWrapper != nil { readPipe = readWrapper(dataSocket) @@ -105,12 +106,12 @@ func RsyncSend(path string, conn *websocket.Conn, readWrapper func(io.ReadCloser output, err := ioutil.ReadAll(stderr) if err != nil { - shared.LogDebugf("problem reading rsync stderr %s", err) + return err } err = cmd.Wait() if err != nil { - shared.LogDebugf("problem with rsync send of %s: %s: %s", path, err, string(output)) + shared.LogErrorf("Rsync send failed: %s: %s: %s", path, err, string(output)) } <-readDone @@ -157,15 +158,14 @@ func RsyncRecv(path string, conn *websocket.Conn, writeWrapper func(io.WriteClos } readDone, writeDone := shared.WebsocketMirror(conn, writePipe, stdout, nil, nil) - data, err2 := ioutil.ReadAll(stderr) - if err2 != nil { - shared.LogDebugf("error reading rsync stderr: %s", err2) - return err2 + output, err := ioutil.ReadAll(stderr) + if err != nil { + return err } err = cmd.Wait() if err != nil { - shared.LogDebugf("rsync recv error for path %s: %s: %s", path, err, string(data)) + shared.LogErrorf("Rsync receive failed: %s: %s: %s", path, err, string(output)) } <-readDone From c2e52d0be03c51d2ac402127cf4c6f793090e624 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 4 Mar 2017 14:22:08 -0500 Subject: [PATCH 2/2] doc: Improve storage doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes: #3013 Signed-off-by: Stéphane Graber --- doc/storage-backends.md | 37 +++-- 1 file changed, 23 insertions(+), 14 deletions(-) diff --git a/doc/storage-backends.md b/doc/storage-backends.md index 30d2054..f5331fc 100644 --- a/doc/storage-backends.md +++ b/doc/storage-backends.md @@ -44,6 +44,12 @@ rsync is used to transfer the container content across. lxc storage create pool1 dir ``` +* Use an existing directory for "pool2". + +``` +lxc storage create pool2 dir source=/data/lxd +``` + ### Btrfs - Uses a subvolume per container, image and snapshot, creating btrfs snapshots when creating a new object. @@ -63,15 +69,12 @@ lxc storage create pool1 btrfs lxc storage create pool1 btrfs source=/some/path ``` - - Create a new pool called "pool1" on "/dev/sdX". ``` -lxc storage create pool1 zfs source=/dev/sdX +lxc storage create pool1 btrfs source=/dev/sdX ``` - - ### LVM - Uses LVs for images, then LV snapshots for containers and container snapshots. @@ -79,19 +82,25 @@ lxc storage create pool1 zfs source=/dev/sdX The following commands can be used to create LVM storage pools -- Use the existing volume group "my-pool" +- Create a loop-backed pool named "pool1". The LVM Volume Group will also be called "pool1". + +``` +lxc storage create pool1 lvm +``` + +- Use the existing LVM Volume Group called "my-pool" ``` lxc storage create pool1 lvm source=my-pool ``` -- Create new pool named "pool1" on "/dev/sdX". +- Create a new pool named "pool1" on "/dev/sdX". The LVM Volume Group will also be called "pool1". ``` lxc storage create pool1 lvm source=/dev/sdX ``` -- Create new pool on "/dev/sdX" with the volume group name "my-pool". +- Create a new pool called "pool1" using "/dev/sdX" with the LVM Volume Group called "my-pool". ``` lxc storage create pool1 lvm s
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/3011 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 9a1689417a381f8d8b99685e8cfe0b87a43da2e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 3 Mar 2017 18:38:06 -0500 Subject: [PATCH 1/2] doc: Add instructions to grow ZFS loop MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Launchpad: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1648995 Signed-off-by: Stéphane Graber --- doc/storage-backends.md | 10 ++ 1 file changed, 10 insertions(+) diff --git a/doc/storage-backends.md b/doc/storage-backends.md index bdb4253..30d2054 100644 --- a/doc/storage-backends.md +++ b/doc/storage-backends.md @@ -160,3 +160,13 @@ lxc storage create pool1 zfs source=/dev/sdX ``` lxc storage create pool1 zfs source=/dev/sdX zfs.pool_name=my-tank ``` + + Growing a loop backed ZFS pool +LXD doesn't let you directly grow a loop backed ZFS pool, but you can do so with: + +``` +sudo truncate -s +5G /var/lib/lxd/disks/.img +sudo zpool set autoexpand=on lxd +sudo zpool online -e lxd /var/lib/lxd/disks/.img +sudo zpool set autoexpand=off lxd +``` From 1fb7f8e09e0c0620ed7c792eed973aa45a0c09f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 3 Mar 2017 18:49:06 -0500 Subject: [PATCH 2/2] lxc: Properly implement "profile unset" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Launchpad: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1669772 Signed-off-by: Stéphane Graber --- lxc/profile.go | 11 ++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/lxc/profile.go b/lxc/profile.go index 1685826..7e79e23 100644 --- a/lxc/profile.go +++ b/lxc/profile.go @@ -154,7 +154,7 @@ func (c *profileCmd) run(config *lxd.Config, args []string) error { case "set": return c.doProfileSet(client, profile, args[2:]) case "unset": - return c.doProfileSet(client, profile, args[2:]) + return c.doProfileUnset(client, profile, args[2:]) case "copy": return c.doProfileCopy(config, client, profile, args[2:]) case "show": @@ -415,6 +415,15 @@ func (c *profileCmd) doProfileSet(client *lxd.Client, p string, args []string) e return err } +func (c *profileCmd) doProfileUnset(client *lxd.Client, p string, args []string) error { + // we shifted @args so so it should read " []" + if len(args) != 1 { + return errArgs + } + + return c.doProfileSet(client, p, args) +} + func (c *profileCmd) doProfileList(config *lxd.Config, args []string) error { var remote string if len(args) > 1 { ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2995 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From e01c1785921883b84391305af64293f405099bb5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 2 Mar 2017 13:05:49 -0500 Subject: [PATCH] Fix error handling in all filepath.Walk calls MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 7 ++- shared/idmapset_linux.go | 6 ++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index dd86bd8..c122ecd 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -3822,7 +3822,12 @@ func (c *containerLXC) Export(w io.Writer, properties map[string]string) error { offset := len(cDir) + 1 writeToTar := func(path string, fi os.FileInfo, err error) error { - if err := c.tarStoreFile(linkmap, offset, tw, path, fi); err != nil { + if err != nil { + return err + } + + err = c.tarStoreFile(linkmap, offset, tw, path, fi) + if err != nil { shared.LogDebugf("Error tarring up %s: %s", path, err) return err } diff --git a/shared/idmapset_linux.go b/shared/idmapset_linux.go index d08970e..85e991f 100644 --- a/shared/idmapset_linux.go +++ b/shared/idmapset_linux.go @@ -455,10 +455,15 @@ func (set *IdmapSet) doUidshiftIntoContainer(dir string, testmode bool, how stri dir = strings.TrimRight(dir, "/") convert := func(path string, fi os.FileInfo, err error) (e error) { + if err != nil { + return err + } + intUid, intGid, _, _, _, _, err := GetFileStat(path) if err != nil { return err } + uid := int64(intUid) gid := int64(intGid) @@ -484,6 +489,7 @@ func (set *IdmapSet) doUidshiftIntoContainer(dir string, testmode bool, how stri if !PathExists(dir) { return fmt.Errorf("No such file or directory: %q", dir) } + return filepath.Walk(dir, convert) } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2989 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From b7cff1de7fa2000ff243b94dc0f4d7ab224599de Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 28 Feb 2017 23:56:46 -0500 Subject: [PATCH 1/3] "lxd init" can be run by trusted users now MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- README.md | 2 +- lxc/main.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 5fdc5eb..71cc926 100644 --- a/README.md +++ b/README.md @@ -233,7 +233,7 @@ choice installed on the machine (btrfs-progs, lvm2 or zfsutils-linux). By default, LXD comes with no configured network or storage. You can get a basic configuration done with: -sudo lxd init +lxd init "lxd init" supports both directory based storage and ZFS. If you want something else, you'll need to use the "lxc storage" command: diff --git a/lxc/main.go b/lxc/main.go index 70e7d10..748f286 100644 --- a/lxc/main.go +++ b/lxc/main.go @@ -133,7 +133,7 @@ func run() error { return err } - fmt.Fprintf(os.Stderr, i18n.G("If this is your first time using LXD, you should also run: sudo lxd init")+"\n") + fmt.Fprintf(os.Stderr, i18n.G("If this is your first time using LXD, you should also run: lxd init")+"\n") fmt.Fprintf(os.Stderr, i18n.G("To start your first container, try: lxc launch ubuntu:16.04")+"\n\n") } From 838f54b63536624ab4de83535da6df9c32a0d124 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 28 Feb 2017 23:57:06 -0500 Subject: [PATCH 2/3] Update i18n MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- po/de.po | 5 ++--- po/el.po | 5 ++--- po/fr.po | 6 +++--- po/ja.po | 6 +++--- po/lxd.pot | 4 ++-- po/nl.po | 5 ++--- po/ru.po | 5 ++--- 7 files changed, 16 insertions(+), 20 deletions(-) diff --git a/po/de.po b/po/de.po index d3b919a..2332d6c 100644 --- a/po/de.po +++ b/po/de.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: LXD\n" "Report-Msgid-Bugs-To: lxc-devel@lists.linuxcontainers.org\n" -"POT-Creation-Date: 2017-02-28 23:20-0500\n" +"POT-Creation-Date: 2017-02-28 23:57-0500\n" "PO-Revision-Date: 2017-02-14 17:11+\n" "Last-Translator: Tim Rose \n" "Language-Team: German
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2978 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === https://assets-cdn.github.com/assets/frameworks-d876e21057f406b37686f3dc7b9666f5957cda4847a48ec11e040df065624617.css"; media="all" rel="stylesheet" /> https://assets-cdn.github.com/assets/github-2c20bb18aca3df4fe27a3fbf9e6db00404b7ef3d781a8afa38f53caa72b4c357.css"; media="all" rel="stylesheet" /> https://assets-cdn.github.com/assets/site-dd6d43570c14503704e8983a7dd8e62484a668da1ce4ce997929ae2f367584c0.css"; media="all" rel="stylesheet" /> Bugfixes by stgraber · Pull Request #2978 · lxc/lxd · GitHub https://github.com/fluidicon.png"; title="GitHub"> https://assets-cdn.github.com/";> https://collector.githubapp.com/github-external/browser_event"; name="octolytics-event-url" /> span.labelstyle-0052cc, .linked-labelstyle-0052cc { background-color: #0052cc !important; color: #fff !important;}.labelstyle-0052cc.selected { background-color: #0052cc !important; color: #fff !important;}.label-select-menu .labelstyle-0052cc.selected { background:rgba(0, 82, 204, 0.12) !important; color: #003d99 !important;} span.labelstyle-006b75, .linked-labelstyle-006b75 { background-color: #006b75 !important; color: #fff !important;}.labelstyle-006b75.selected { background-color: #006b75 !important; color: #fff !important;}.label-select-menu .labelstyle-006b75.selected { background:rgba(0, 107, 117, 0.12) !important; color: #008b99 !important;} span.labelstyle-eb6420, .linked-labelstyle-eb6420 { background-color: #eb6420 !important; color: #fff !important;}.labelstyle-eb6420.selected { background-color: #eb6420 !important; color: #fff !important;}.label-select-menu .labelstyle-eb6420.selected { background:rgba(235, 100, 32, 0.12) !important; color: #994114 !important;} span.labelstyle-fbca04, .linked-labelstyle-fbca04 { background-color: #fbca04 !important; color: #332900 !important;}.labelstyle-fbca04.selected { background-color: #fbca04 !important; color: #332900 !important;}.label-select-menu .labelstyle-fbca04.selected { background:rgba(251, 202, 4, 0.12) !important; color: #997b02 !important;} span.labelstyle-009800, .linked-labelstyle-009800 { background-color: #009800 !important; color: #fff !important;}.labelstyle-009800.selected { background-color: #009800 !important; color: #fff !important;}.label-select-menu .labelstyle-009800.selected { background:rgba(0, 152, 0, 0.12) !important; color: #009900 !important;} span.labelstyle-00, .linked-labelstyle-00 { background-color: #00 !important; color: #fff !important;}.labelstyle-00.selected { background-color: #00 !important; color: #fff !important;}.label-select-menu .labelstyle-00.selected { background:rgba(247, 247, 247, 1.0) !important; color: #66 !important;} span.labelstyle-84b6eb, .linked-labelstyle-84b6eb { background-color: #84b6eb !important; color: #1c2733 !important;}.labelstyle-84b6eb.selected { background-color: #84b6eb !important; color: #1c2733 !important;}.label-select-menu .labelstyle-84b6eb.selected { background:rgba(132, 182, 235, 0.12) !important; color: #557699 !important;} span.labelstyle-5319e7, .linked-labelstyle-5319e7 { background-color: #5319e7 !important; color: #fff !important;}.labelstyle-5319e7.selected { background-color: #5319e7 !important; color: #fff !important;}.label-select-menu .labelstyle-5319e7.selected { background:rgba(83, 25, 231, 0.12) !important; color: #361099 !important;} span.labelstyle-d4c5f9, .linked-labelstyle-d4c5f9 { background-color: #d4c5f9 !important; color: #2b2833 !important;}.labelstyle-d4c5f9.selected { background-color: #d4c5f9 !important; color: #2b2833 !important;}.label-select-menu .labelstyle-d4c5f9.selected { background:rgba(212, 197, 249, 0.12) !important; color: #827999 !important;} span.labelstyle-e11d21, .linked-labelstyle-e11d21 { background-color: #e11d21 !important; color: #fff !important;}.labelstyle-e11d21.selected { background-color: #e11d21 !important; color: #fff !important;}.label-select-menu .labelstyle-e11d21.selected { background:rgba(225, 29, 33, 0.12) !important; color: #991316 !important;} https://github.com/lxc/lxd.git";> https://github.com/lxc/lxd/commits/master.atom"; rel="alternate" title="Recent Commits to lxd:master" type="application/atom+xml"> https://api.github.com/_private/browser/stats";> https://api.github.com/_private/browser/errors";> https://assets-cdn.github.com/pinned-octocat.svg"; color="#00"> https://assets-cdn.github.com/favicon.ico";> Skip
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2972 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 784ff280bc02fb75ef694612bd1a146e417aacd6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 27 Feb 2017 23:48:05 -0500 Subject: [PATCH 1/2] Properly validate architectures MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2971 Signed-off-by: Stéphane Graber --- lxd/container.go | 4 lxd/containers_post.go | 33 +++-- 2 files changed, 23 insertions(+), 14 deletions(-) diff --git a/lxd/container.go b/lxd/container.go index 96257cc..bf8d297 100644 --- a/lxd/container.go +++ b/lxd/container.go @@ -703,6 +703,10 @@ func containerCreateInternal(d *Daemon, args containerArgs) (container, error) { return nil, err } + if !shared.IntInSlice(args.Architecture, d.architectures) { + return nil, fmt.Errorf("Requested architecture isn't supported by this host") + } + // Validate profiles profiles, err := dbProfiles(d.db) if err != nil { diff --git a/lxd/containers_post.go b/lxd/containers_post.go index 7042634..1843b86 100644 --- a/lxd/containers_post.go +++ b/lxd/containers_post.go @@ -113,11 +113,10 @@ func createFromImage(d *Daemon, req *api.ContainersPost) Response { hash = imgInfo.Fingerprint - architecture, err := osarch.ArchitectureId(imgInfo.Architecture) + args.Architecture, err = osarch.ArchitectureId(imgInfo.Architecture) if err != nil { - architecture = 0 + return err } - args.Architecture = architecture _, err = containerCreateFromImage(d, args, hash) return err @@ -135,19 +134,25 @@ func createFromImage(d *Daemon, req *api.ContainersPost) Response { } func createFromNone(d *Daemon, req *api.ContainersPost) Response { - architecture, err := osarch.ArchitectureId(req.Architecture) - if err != nil { - architecture = 0 + args := containerArgs{ + Config:req.Config, + Ctype: cTypeRegular, + Devices: req.Devices, + Ephemeral: req.Ephemeral, + Name: req.Name, + Profiles: req.Profiles, } - args := containerArgs{ - Architecture: architecture, - Config: req.Config, - Ctype:cTypeRegular, - Devices: req.Devices, - Ephemeral:req.Ephemeral, - Name: req.Name, - Profiles: req.Profiles, + if req.Architecture != "" { + architecture, err := osarch.ArchitectureId(req.Architecture) + if err != nil { + return InternalError(err) + } + args.Architecture = architecture + } + + if !shared.IntInSlice(args.Architecture, d.architectures) { + return BadRequest(fmt.Errorf("Image architecture unsupported by this host")) } run := func(op *operation) error { From a88a65e896b7a0d7b9194519c0f3309a37bd814c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 28 Feb 2017 00:21:40 -0500 Subject: [PATCH 2/2] Detect and fail to transfer symlinks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2970 Signed-off-by: Stéphane Graber --- client.go | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/client.go b/client.go index bd911a7..bc4ce80 100644 --- a/client.go +++ b/client.go @@ -1864,7 +1864,12 @@ func (c *Client) RecursivePushFile(container string, source string, target strin sendFile := func(p string, fInfo os.FileInfo, err error) error { if err != nil { - return fmt.Errorf("got error sending path %s: %s", p, err) + return fmt.Errorf("Failed to walk path for %s: %s", p, err) + } + + // Detect symlinks + if !fInfo.Mode().IsRegular() && !fInfo.Mode().IsDir() { + return fmt.Errorf("'%s' isn't a regular file or directory.", p) } appendLen := len(sourceDir) ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2969 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 22176fb5343c0fb9393937ab3004c94f2d30afc3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 27 Feb 2017 15:59:52 -0500 Subject: [PATCH 1/5] Fix uint32 check MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- shared/container.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/shared/container.go b/shared/container.go index 34363c4..038a7cb 100644 --- a/shared/container.go +++ b/shared/container.go @@ -34,7 +34,7 @@ func IsUint32(value string) error { return nil } - _, err := strconv.ParseInt(value, 10, 32) + _, err := strconv.ParseUint(value, 10, 32) if err != nil { return fmt.Errorf("Invalid value for uint32: %s: %v", value, err) } From 67bc302ee6838901dde79f0fa81962747d875af4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 27 Feb 2017 16:02:49 -0500 Subject: [PATCH 2/5] Don't parse id ranges as int32 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index d172e8a..09100b1 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -464,12 +464,12 @@ func idmapSize(daemon *Daemon, isolatedStr string, size string) (int64, error) { idMapSize = daemon.IdmapSet.Idmap[0].Maprange } } else { - size, err := strconv.ParseInt(size, 10, 32) + size, err := strconv.ParseInt(size, 10, 64) if err != nil { return 0, err } - idMapSize = int64(size) + idMapSize = size } return idMapSize, nil @@ -621,7 +621,7 @@ func findIdmap(daemon *Daemon, cName string, isolatedStr string, configSize stri cBase := int64(0) if container.ExpandedConfig()["volatile.idmap.base"] != "" { - cBase, err = strconv.ParseInt(container.ExpandedConfig()["volatile.idmap.base"], 10, 32) + cBase, err = strconv.ParseInt(container.ExpandedConfig()["volatile.idmap.base"], 10, 64) if err != nil { return nil, 0, err } From 0fff6cd3504b19d5a02374af65b631e5d4a613ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 27 Feb 2017 16:04:19 -0500 Subject: [PATCH 3/5] Clarify uid/gid error MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 09100b1..dd86bd8 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -676,7 +676,7 @@ func findIdmap(daemon *Daemon, cName string, isolatedStr string, configSize stri return mkIdmap(offset, size), offset, nil } - return nil, 0, fmt.Errorf("no map range available") + return nil, 0, fmt.Errorf("Not enough uid/gid available for the container.") } func (c *containerLXC) init() error { From fc489d29d69af4e62e20dce6aff8714021ee56e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 27 Feb 2017 16:34:08 -0500 Subject: [PATCH 4/5] idmap: Make more of an effort to find a default MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/daemon.go| 36 -- shared/idmapset_linux.go | 77 ++-- 2 files changed, 96 insertions(+), 17 deletions(-) diff --git a/lxd/daemon.go b/lxd/daemon.go index 9c77fce..0c79406 100644 --- a/lxd/daemon.go +++ b/lxd/daemon.go @@ -798,7 +798,7 @@ func (d *Daemon) Init() error { /* Read the uid/gid allocation */ d.IdmapSet, err = shared.DefaultIdmapSet() if err != nil { - shared.LogWarn("Error reading default idmap", log.Ctx{"err": err.Error()}) + shared.LogWarn("Error reading default uid/gid map", log.Ctx{"err": err.Error()}) shared.LogWarnf("Only privileged containers will be able to run") d.IdmapSet = nil } else { @@ -810,24 +810,30 @@ func (d *Daemon) Init() error { } } - shared.LogInfof("Configured LXD uid/gid map:") -
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2963 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 3e042c9f6131f514a75a4737352d74906cbe7045 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sun, 26 Feb 2017 23:43:04 -0500 Subject: [PATCH 1/9] Remove wrong error message MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/storage_shared.go | 1 - 1 file changed, 1 deletion(-) diff --git a/lxd/storage_shared.go b/lxd/storage_shared.go index 799ff79..31ae73a 100644 --- a/lxd/storage_shared.go +++ b/lxd/storage_shared.go @@ -78,7 +78,6 @@ func (s *storageShared) setUnprivUserAcl(c container, destPath string) error { acl := fmt.Sprintf("%d:rx", uid) err := exec.Command("setfacl", "-m", acl, destPath).Run() if err == nil { - shared.LogDebugf("Failed to set acl permission on container path: %s", err) return nil } From 441e95c496b4feeec9a21de74d2aa4586db15886 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sun, 26 Feb 2017 23:47:48 -0500 Subject: [PATCH 2/9] storage: Fix logging on image operations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/storage_btrfs.go | 12 ++-- lxd/storage_lvm.go | 16 lxd/storage_zfs.go | 8 3 files changed, 18 insertions(+), 18 deletions(-) diff --git a/lxd/storage_btrfs.go b/lxd/storage_btrfs.go index e6a6cd6..101ef9e 100644 --- a/lxd/storage_btrfs.go +++ b/lxd/storage_btrfs.go @@ -1163,7 +1163,7 @@ func (s *storageBtrfs) ContainerSnapshotCreateEmpty(snapshotContainer container) } func (s *storageBtrfs) ImageCreate(fingerprint string) error { - shared.LogDebugf("Creating BTRFS storage volume for image \"%s\" on storage pool \"%s\".", s.volume.Name, s.pool.Name) + shared.LogDebugf("Creating BTRFS storage volume for image \"%s\" on storage pool \"%s\".", fingerprint, s.pool.Name) // Create the subvolume. source := s.pool.Config["source"] @@ -1240,12 +1240,12 @@ func (s *storageBtrfs) ImageCreate(fingerprint string) error { undo = false - shared.LogDebugf("Created BTRFS storage volume for image \"%s\" on storage pool \"%s\".", s.volume.Name, s.pool.Name) + shared.LogDebugf("Created BTRFS storage volume for image \"%s\" on storage pool \"%s\".", fingerprint, s.pool.Name) return nil } func (s *storageBtrfs) ImageDelete(fingerprint string) error { - shared.LogDebugf("Deleting BTRFS storage volume for image \"%s\" on storage pool \"%s\".", s.volume.Name, s.pool.Name) + shared.LogDebugf("Deleting BTRFS storage volume for image \"%s\" on storage pool \"%s\".", fingerprint, s.pool.Name) _, err := s.StoragePoolMount() if err != nil { @@ -1274,12 +1274,12 @@ func (s *storageBtrfs) ImageDelete(fingerprint string) error { } } - shared.LogDebugf("Deleted BTRFS storage volume for image \"%s\" on storage pool \"%s\".", s.volume.Name, s.pool.Name) + shared.LogDebugf("Deleted BTRFS storage volume for image \"%s\" on storage pool \"%s\".", fingerprint, s.pool.Name) return nil } func (s *storageBtrfs) ImageMount(fingerprint string) (bool, error) { - shared.LogDebugf("Mounting BTRFS storage volume for image \"%s\" on storage pool \"%s\".", s.volume.Name, s.pool.Name) + shared.LogDebugf("Mounting BTRFS storage volume for image \"%s\" on storage pool \"%s\".", fingerprint, s.pool.Name) // The storage pool must be mounted. _, err := s.StoragePoolMount() @@ -1287,7 +1287,7 @@ func (s *storageBtrfs) ImageMount(fingerprint string) (bool, error) { return false, err } - shared.LogDebugf("Mounted BTRFS storage volume for image \"%s\" on storage pool \"%s\".", s.volume.Name, s.pool.Name) + shared.LogDebugf("Mounted BTRFS storage volume for image \"%s\" on storage pool \"%s\".", fingerprint, s.pool.Name) return true, nil } diff --git a/lxd/storage_lvm.go b/lxd/storage_lvm.go index f363536..afac382 100644 --- a/lxd/storage_lvm.go +++ b/lxd/storage_lvm.go @@ -1519,7 +1519,7 @@ func (s *storageLvm) ContainerSnapshotCreateEmpty(snapshotContainer container) e } func (s *storageLvm) ImageCreate(fingerprint string) error { - shared.LogDebugf("Creating LVM storage volume for image \"%s\" on storage pool \"%s\".", s.volume.Name, s.pool.Name) + shared.LogDebugf("Creating LVM storage volume for image \"%s\" on storage pool \"%s\".", fingerprint, s.pool.Name) err := s.StoragePoolCheck() if err != nil { @@ -1576,12 +1576,12 @@ func (s
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2951 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 243d4e05b3df4127186e871e420f6ad6bdfc880d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 24 Feb 2017 18:20:11 -0500 Subject: [PATCH 1/5] Improve formatting in events API MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/events.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/events.go b/lxd/events.go index 46b7dc6..5778ae9 100644 --- a/lxd/events.go +++ b/lxd/events.go @@ -26,7 +26,7 @@ func logContextMap(ctx []interface{}) map[string]string { if key == "" { key = entry.(string) } else { - ctxMap[key] = fmt.Sprintf("%s", entry) + ctxMap[key] = fmt.Sprintf("%v", entry) key = "" } } From da64dac1ce7bdfe342bdb5c4925e5bfbca980bc3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 25 Feb 2017 01:04:18 -0500 Subject: [PATCH 2/5] storage: Don't spam the INFO loglevel MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/storage_btrfs.go | 84 - lxd/storage_dir.go | 46 +-- lxd/storage_lvm.go | 88 ++-- lxd/storage_mock.go | 4 +-- lxd/storage_zfs.go | 76 ++--- 5 files changed, 149 insertions(+), 149 deletions(-) diff --git a/lxd/storage_btrfs.go b/lxd/storage_btrfs.go index 35c93ed..1f8a0d8 100644 --- a/lxd/storage_btrfs.go +++ b/lxd/storage_btrfs.go @@ -72,7 +72,7 @@ func (s *storageBtrfs) StorageCoreInit() (*storageCore, error) { s.storageCore = sCore - shared.LogInfof("Initializing a BTRFS driver.") + shared.LogDebugf("Initializing a BTRFS driver.") return &sCore, nil } @@ -88,7 +88,7 @@ func (s *storageBtrfs) StoragePoolInit(config map[string]interface{}) (storage, func (s *storageBtrfs) StoragePoolCheck() error { // FIXEM(brauner): Think of something smart or useful (And then think // again if it is worth implementing it. :)). - shared.LogInfof("Checking BTRFS storage pool \"%s\".", s.pool.Name) + shared.LogDebugf("Checking BTRFS storage pool \"%s\".", s.pool.Name) return nil } @@ -291,7 +291,7 @@ func (s *storageBtrfs) StoragePoolDelete() error { } func (s *storageBtrfs) StoragePoolMount() (bool, error) { - shared.LogInfof("Mounting BTRFS storage pool \"%s\".", s.pool.Name) + shared.LogDebugf("Mounting BTRFS storage pool \"%s\".", s.pool.Name) source := s.pool.Config["source"] if source == "" { @@ -375,12 +375,12 @@ func (s *storageBtrfs) StoragePoolMount() (bool, error) { return false, err } - shared.LogInfof("Mounted BTRFS storage pool \"%s\".", s.pool.Name) + shared.LogDebugf("Mounted BTRFS storage pool \"%s\".", s.pool.Name) return true, nil } func (s *storageBtrfs) StoragePoolUmount() (bool, error) { - shared.LogInfof("Unmounting BTRFS storage pool \"%s\".", s.pool.Name) + shared.LogDebugf("Unmounting BTRFS storage pool \"%s\".", s.pool.Name) poolMntPoint := getStoragePoolMountPoint(s.pool.Name) @@ -417,7 +417,7 @@ func (s *storageBtrfs) StoragePoolUmount() (bool, error) { } } - shared.LogInfof("Unmounted BTRFS storage pool \"%s\".", s.pool.Name) + shared.LogDebugf("Unmounted BTRFS storage pool \"%s\".", s.pool.Name) return true, nil } @@ -498,7 +498,7 @@ func (s *storageBtrfs) StoragePoolVolumeDelete() error { } func (s *storageBtrfs) StoragePoolVolumeMount() (bool, error) { - shared.LogInfof("Mounting BTRFS storage volume \"%s\" on storage pool \"%s\".", s.volume.Name, s.pool.Name) + shared.LogDebugf("Mounting BTRFS storage volume \"%s\" on storage pool \"%s\".", s.volume.Name, s.pool.Name) // The storage pool must be mounted. _, err := s.StoragePoolMount() @@ -506,7 +506,7 @@ func (s *storageBtrfs) StoragePoolVolumeMount() (bool, error) { return false, err } - shared.LogInfof("Mounted BTRFS storage volume \"%s\" on storage pool \"%s\".", s.volume.Name, s.pool.Name) + shared.LogDebugf("Mounted BTRFS storage volume \"%s\" on storage pool \"%s\".", s.volume.Name, s.pool.Name) return true, nil } @@ -533,7 +533,7 @@ func (s *storageBtrfs) ContainerStorageReady(name string) bool { } func (s *storageBtrfs) ContainerCreate(container co
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2950 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From f0390134cbcf2ecd9f0bceaaae81f4eec03b9c6d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 24 Feb 2017 13:23:59 -0500 Subject: [PATCH] btrfs: Quotas can't be enabled when unprivileged MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit But lets try anyway just in case it becomes possible. Signed-off-by: Stéphane Graber --- lxd/storage_btrfs.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/storage_btrfs.go b/lxd/storage_btrfs.go index 36fa57a..4da913f 100644 --- a/lxd/storage_btrfs.go +++ b/lxd/storage_btrfs.go @@ -199,7 +199,7 @@ func (s *storageBtrfs) StoragePoolCreate() error { // Enable quotas output, err := exec.Command( "btrfs", "quota", "enable", poolMntPoint).CombinedOutput() - if err != nil { + if err != nil && !runningInUserns { return fmt.Errorf("Failed to enable quotas on BTRFS pool: %s", output) } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2944 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 3cee68ae69df77b922680d3def03a786728c99d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 23 Feb 2017 18:08:45 -0500 Subject: [PATCH 1/4] idmap: Drop GetOwner MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- shared/idmapset_linux.go | 7 +-- 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/shared/idmapset_linux.go b/shared/idmapset_linux.go index 8a3ebf3..b2784ab 100644 --- a/shared/idmapset_linux.go +++ b/shared/idmapset_linux.go @@ -319,11 +319,6 @@ func (m IdmapSet) ShiftFromNs(uid int, gid int) (int, int) { return m.doShiftIntoNs(uid, gid, "out") } -func GetOwner(path string) (int, int, error) { - uid, gid, _, _, _, _, err := GetFileStat(path) - return uid, gid, err -} - func (set *IdmapSet) doUidshiftIntoContainer(dir string, testmode bool, how string) error { // Expand any symlink before the final path component tmp := filepath.Dir(dir) @@ -335,7 +330,7 @@ func (set *IdmapSet) doUidshiftIntoContainer(dir string, testmode bool, how stri dir = strings.TrimRight(dir, "/") convert := func(path string, fi os.FileInfo, err error) (e error) { - uid, gid, err := GetOwner(path) + uid, gid, _, _, _, _, err := GetFileStat(path) if err != nil { return err } From ea711b7a191c4aaaf471fdf132034e9af189fa08 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 23 Feb 2017 18:33:47 -0500 Subject: [PATCH 2/4] Remove debugging during idmap changes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 336d3db..8e93cad 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -1572,7 +1572,7 @@ func (c *containerLXC) startCommon() (string, error) { } if !reflect.DeepEqual(idmap, lastIdmap) { - shared.LogDebugf("Container idmap changed, remapping: %s => %s", lastIdmap, idmap) + shared.LogDebugf("Container idmap changed, remapping") err := c.StorageStart() if err != nil { From 8b8aa238a3ba94d5d77d7f00ec4053d3e880c460 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 23 Feb 2017 19:44:40 -0500 Subject: [PATCH 3/4] idmap: Implement Usable() functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- shared/idmapset_linux.go | 113 +++ 1 file changed, 113 insertions(+) diff --git a/shared/idmapset_linux.go b/shared/idmapset_linux.go index b2784ab..6565842 100644 --- a/shared/idmapset_linux.go +++ b/shared/idmapset_linux.go @@ -7,10 +7,22 @@ import ( "os/exec" "path" "path/filepath" + "sort" "strconv" "strings" ) +type IdRange struct { + Isuid bool + Isgid bool + Startid int + Endid int +} + +func (i *IdRange) Contains(id int) bool { + return id >= i.Startid && id <= i.Endid +} + /* * One entry in id mapping set - a single range of either * uid or gid mappings. @@ -83,6 +95,40 @@ func (e *IdmapEntry) Intersects(i IdmapEntry) bool { return false } +func (e *IdmapEntry) Usable() error { + kernelIdmap, err := CurrentIdmapSet() + if err != nil { + return err + } + + kernelRanges, err := kernelIdmap.ValidRanges() + if err != nil { + return err + } + + valid := false + for _, kernelRange := range kernelRanges { + if kernelRange.Isuid != e.Isuid { + continue + } + + if kernelRange.Isgid != e.Isgid { + continue + } + + if kernelRange.Contains(e.Hostid) && kernelRange.Contains(e.Hostid+e.Maprange-1) { + valid = true + break + } + } + + if !valid { + return fmt.Errorf("The '%s' map can't work in the current user namespace.", e.ToLxcString()) + } + + return nil +} + func (e *IdmapEntry) parse(s string) error { split := strings.Split(s, ":") var err error @@ -184,6 +230,22 @@ func (m IdmapSet) Len() int { return len(m.Idmap) } +func (m IdmapSet) Swap(i, j int) { + m.Idmap[i], m.Idmap[j] = m.Id
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2943 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From da387d5883b02fec56bc6067170577a6b3a200c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 23 Feb 2017 02:32:41 -0500 Subject: [PATCH 1/2] tests: Define the base LVM volume as 25MB too MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/backends/lvm.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/backends/lvm.sh b/test/backends/lvm.sh index 3799acd..d51d60a 100644 --- a/test/backends/lvm.sh +++ b/test/backends/lvm.sh @@ -31,7 +31,7 @@ lvm_configure() { echo "==> Configuring lvm backend in ${LXD_DIR}" - lxc storage create "lxdtest-$(basename "${LXD_DIR}")" lvm source="$(cat "${TEST_DIR}/$(basename "${LXD_DIR}").lvm.vg")" volume.size=10MB + lxc storage create "lxdtest-$(basename "${LXD_DIR}")" lvm source="$(cat "${TEST_DIR}/$(basename "${LXD_DIR}").lvm.vg")" volume.size=25MB lxc profile device add default root disk path="/" pool="lxdtest-$(basename "${LXD_DIR}")" } From c9f2da84c7683de1bd16cf2b2f3fa9f43f2f48a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 23 Feb 2017 17:30:06 -0500 Subject: [PATCH 2/2] Add extra validation for unix-block/unix-char MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2941 Signed-off-by: Stéphane Graber --- lxd/container.go | 19 +++ 1 file changed, 19 insertions(+) diff --git a/lxd/container.go b/lxd/container.go index 0cc4e51..9b402da 100644 --- a/lxd/container.go +++ b/lxd/container.go @@ -326,6 +326,25 @@ func containerValidDevices(devices types.Devices, profile bool, expanded bool) e if m["path"] == "" { return fmt.Errorf("Unix device entry is missing the required \"path\" property.") } + + if m["major"] == "" || m["minor"] == "" { + if !shared.PathExists(m["path"]) { + return fmt.Errorf("The device path doesn't exist on the host and major/minor wasn't specified.") + } + + dType, _, _, err := deviceGetAttributes(m["path"]) + if err != nil { + return err + } + + if m["type"] == "unix-char" && dType != "c" { + return fmt.Errorf("Path specified for unix-char device is a block device.") + } + + if m["type"] == "unix-block" && dType != "b" { + return fmt.Errorf("Path specified for unix-block device is a character device.") + } + } } else if m["type"] == "usb" { if m["vendorid"] == "" { return fmt.Errorf("Missing vendorid for USB device.") ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2935 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 4ff0d95761b016365f6f4d03af6126871a0c4624 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 23 Feb 2017 00:56:38 -0500 Subject: [PATCH 1/2] tests: Fix mixed tabs/spaces MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/suites/storage_profiles.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/suites/storage_profiles.sh b/test/suites/storage_profiles.sh index da27169..37c2f8c 100644 --- a/test/suites/storage_profiles.sh +++ b/test/suites/storage_profiles.sh @@ -13,12 +13,12 @@ test_storage_profiles() { HAS_ZFS="dir" if which zfs >/dev/null 2>&1; then - HAS_ZFS="zfs" + HAS_ZFS="zfs" fi HAS_BTRFS="dir" if which zfs >/dev/null 2>&1; then - HAS_BTRFS="btrfs" + HAS_BTRFS="btrfs" fi # shellcheck disable=SC1009 From 894b355fbf1d17dcd8a562d0e45435c71977c077 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 23 Feb 2017 01:46:45 -0500 Subject: [PATCH 2/2] Cleanup root device validation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit A few rules: - A container may only have a single root device. - A profile may only have a single root device. - A container can rely on profiles for its root device, but the first rule still applies. - Removing a root device from a profile that a container depends upon isn't allowed. - Adding a root device to a profile which a container uses but under a different name than the existing root device is allowed at the profile level but isn't allowed at the container level. The profile will get saved but the container will not start. Signed-off-by: Stéphane Graber --- lxd/container.go| 73 ++--- lxd/container_lxc.go| 98 - lxd/containers_post.go | 116 ++-- lxd/patches.go | 32 +-- lxd/profiles_utils.go | 7 +-- test/suites/storage_profiles.sh | 19 +++ 6 files changed, 148 insertions(+), 197 deletions(-) diff --git a/lxd/container.go b/lxd/container.go index 3b32f4e..6b15e5a 100644 --- a/lxd/container.go +++ b/lxd/container.go @@ -229,14 +229,28 @@ func isRootDiskDevice(device types.Device) bool { return false } -func containerGetRootDiskDevice(devices types.Devices) (string, types.Device) { - for devName, dev := range devices { - if isRootDiskDevice(dev) { - return devName, dev +func containerGetRootDiskDevice(devices types.Devices) (string, types.Device, error) { + var devName string + var dev types.Device + + count := 0 + for n, d := range devices { + if isRootDiskDevice(d) { + count += 1 + devName = n + dev = d } } - return "", types.Device{} + if count == 1 { + return devName, dev, nil + } + + if count > 1 { + return "", types.Device{}, fmt.Errorf("More than one root device found.") + } + + return "", types.Device{}, fmt.Errorf("No root device could be found.") } func containerValidDevices(devices types.Devices, profile bool, expanded bool) error { @@ -330,9 +344,9 @@ func containerValidDevices(devices types.Devices, profile bool, expanded bool) e // Checks on the expanded config if expanded { - k, _ := containerGetRootDiskDevice(devices) - if k == "" { - return fmt.Errorf("Container is lacking rootfs entry") + _, _, err := containerGetRootDiskDevice(devices) + if err != nil { + return err } } @@ -447,7 +461,6 @@ type container interface { // FIXME: Those should be internal functions // Needed for migration for now. - GetStoragePoolFromDevices() (string, error) StorageStart() error StorageStop() error Storage() storage @@ -681,37 +694,6 @@ func containerCreateInternal(d *Daemon, args containerArgs) (container, error) { } } - // Check that there are no contradicting root disk devices. - var profileRootDiskDevices []string - for _, pName := range args.Profiles { - _, p, err := dbProfileGet(d.db, pName) - if err != nil { - return nil, fmt.Errorf("Could not load profile '%s'.", pName) -
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2926 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 8317c3c1d6d6385c417a02233bc2cc6dafdd1206 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 21 Feb 2017 22:55:35 -0500 Subject: [PATCH 1/2] btrfs: Always use the recursive subvol functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/storage_btrfs.go | 44 ++-- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/lxd/storage_btrfs.go b/lxd/storage_btrfs.go index 8ba340a..1b9e816 100644 --- a/lxd/storage_btrfs.go +++ b/lxd/storage_btrfs.go @@ -235,16 +235,16 @@ func (s *storageBtrfs) StoragePoolDelete() error { // Delete default subvolumes. dummyDir := getContainerMountPoint(s.pool.Name, "") - s.btrfsPoolVolumeDelete(dummyDir) + s.btrfsPoolVolumesDelete(dummyDir) dummyDir = getSnapshotMountPoint(s.pool.Name, "") - s.btrfsPoolVolumeDelete(dummyDir) + s.btrfsPoolVolumesDelete(dummyDir) dummyDir = getImageMountPoint(s.pool.Name, "") - s.btrfsPoolVolumeDelete(dummyDir) + s.btrfsPoolVolumesDelete(dummyDir) dummyDir = getStoragePoolVolumeMountPoint(s.pool.Name, "") - s.btrfsPoolVolumeDelete(dummyDir) + s.btrfsPoolVolumesDelete(dummyDir) _, err := s.StoragePoolUmount() if err != nil { @@ -269,7 +269,7 @@ func (s *storageBtrfs) StoragePoolDelete() error { } else { var err error if s.d.BackingFs == "btrfs" { - err = s.btrfsPoolVolumeDelete(source) + err = s.btrfsPoolVolumesDelete(source) } else { // This is a loop file --> simply remove it. err = os.Remove(source) @@ -464,7 +464,7 @@ func (s *storageBtrfs) StoragePoolVolumeDelete() error { // Delete subvolume. customSubvolumeName := getStoragePoolVolumeMountPoint(s.pool.Name, s.volume.Name) - err = s.btrfsPoolVolumeDelete(customSubvolumeName) + err = s.btrfsPoolVolumesDelete(customSubvolumeName) if err != nil { return err } @@ -641,7 +641,7 @@ func (s *storageBtrfs) ContainerDelete(container container) error { // Delete the subvolume. containerSubvolumeName := getContainerMountPoint(s.pool.Name, container.Name()) - err = s.btrfsPoolVolumeDelete(containerSubvolumeName) + err = s.btrfsPoolVolumesDelete(containerSubvolumeName) if err != nil { return err } @@ -970,7 +970,7 @@ func (s *storageBtrfs) ContainerSnapshotDelete(snapshotContainer container) erro } snapshotSubvolumeName := getSnapshotMountPoint(s.pool.Name, snapshotContainer.Name()) - err = s.btrfsPoolVolumeDelete(snapshotSubvolumeName) + err = s.btrfsPoolVolumesDelete(snapshotSubvolumeName) if err != nil { return err } @@ -1143,7 +1143,7 @@ func (s *storageBtrfs) ImageCreate(fingerprint string) error { undo := true defer func() { if undo { - s.btrfsPoolVolumeDelete(tmpImageSubvolumeName) + s.btrfsPoolVolumesDelete(tmpImageSubvolumeName) } }() @@ -1157,18 +1157,18 @@ func (s *storageBtrfs) ImageCreate(fingerprint string) error { // Now create a read-only snapshot of the subvolume. // The path with which we do this is // ${LXD_DIR}/storage-pools//images/. - err = s.btrfsPoolVolumeSnapshot(tmpImageSubvolumeName, imageSubvolumeName, true) + err = s.btrfsPoolVolumesSnapshot(tmpImageSubvolumeName, imageSubvolumeName, true) if err != nil { return err } defer func() { if undo { - s.btrfsPoolVolumeDelete(imageSubvolumeName) + s.btrfsPoolVolumesDelete(imageSubvolumeName) } }() - err = s.btrfsPoolVolumeDelete(tmpImageSubvolumeName) + err = s.btrfsPoolVolumesDelete(tmpImageSubvolumeName) if err != nil { return err } @@ -1187,7 +1187,7 @@ func (s *storageBtrfs) ImageDelete(fingerprint string) error { // Delete the btrfs subvolume. The path with which we // do this is ${LXD_DIR}/storage-pools//images/. imageSubvolumeName := getImageMountPoint(s.pool.Name, fingerprint) - err = s.btrfsPoolVolumeDelete(imageSubvolumeName) + err = s.btrfsPoolVolumesDelete(imageSubvolumeName) if err != nil { return err } @@ -1601,11 +1601,11 @@ func (s *btrfsMigra
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2924 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Signed-off-by: Stéphane Graber From fb8732938891cb86ed61b0b49e68851fdd7625f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 21 Feb 2017 17:29:36 -0500 Subject: [PATCH] tests: Also unmount the devlxd path MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/main.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/test/main.sh b/test/main.sh index 77ab9e3..2db50bb 100755 --- a/test/main.sh +++ b/test/main.sh @@ -267,6 +267,7 @@ kill_lxd() { # Cleanup shmounts (needed due to the forceful kill) find "${daemon_dir}" -name shmounts -exec "umount" "-l" "{}" \; >/dev/null 2>&1 || true +find "${daemon_dir}" -name devlxd -exec "umount" "-l" "{}" \; >/dev/null 2>&1 || true check_leftovers="true" fi ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2922 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From e2b6d0897b1ca9cf878f3cb2e837fa4ed1f69215 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 21 Feb 2017 16:25:36 -0500 Subject: [PATCH 1/2] btrfs: Always pass the mount options --- lxd/storage_btrfs.go | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lxd/storage_btrfs.go b/lxd/storage_btrfs.go index dcfaa01..b3d297b 100644 --- a/lxd/storage_btrfs.go +++ b/lxd/storage_btrfs.go @@ -22,6 +22,8 @@ import ( log "gopkg.in/inconshreveable/log15.v2" ) +var btrfsMntOptions = "user_subvol_rm_allowed" + type storageBtrfs struct { storageShared } @@ -202,7 +204,7 @@ func (s *storageBtrfs) StoragePoolCreate() error { // cannot call StoragePoolMount() since it will try to do the // reverse operation. So instead we shamelessly mount using the // block device path at the time of pool creation. - err1 = syscall.Mount(source, poolMntPoint, "btrfs", 0, "") + err1 = syscall.Mount(source, poolMntPoint, "btrfs", 0, btrfsMntOptions) } else { _, err1 = s.StoragePoolMount() } @@ -349,7 +351,6 @@ func (s *storageBtrfs) StoragePoolMount() (bool, error) { return false, nil } - poolMntOptions := "user_subvol_rm_allowed" mountSource := source if filepath.IsAbs(source) { if !shared.IsBlockdevPath(source) && s.d.BackingFs != "btrfs" { @@ -382,7 +383,7 @@ func (s *storageBtrfs) StoragePoolMount() (bool, error) { } // This is a block device. - err := syscall.Mount(mountSource, poolMntPoint, "btrfs", 0, poolMntOptions) + err := syscall.Mount(mountSource, poolMntPoint, "btrfs", 0, btrfsMntOptions) if err != nil { return false, err } From 16b424291098b23d732fe7aeeb4a6185f5d7d787 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 21 Feb 2017 16:27:37 -0500 Subject: [PATCH 2/2] btrfs: Drop dead code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/storage_btrfs.go | 65 1 file changed, 4 insertions(+), 61 deletions(-) diff --git a/lxd/storage_btrfs.go b/lxd/storage_btrfs.go index b3d297b..8ba340a 100644 --- a/lxd/storage_btrfs.go +++ b/lxd/storage_btrfs.go @@ -48,26 +48,6 @@ func (s *storageBtrfs) getCustomSubvolumePath(poolName string) string { return shared.VarPath("storage-pools", poolName, "custom") } -// subvol=containers/ -func (s *storageBtrfs) getContainerMntOptions(name string) string { - return fmt.Sprintf("subvol=containers/%s", name) -} - -// subvol=snapshots/ -func (s *storageBtrfs) getSnapshotMntOptions(name string) string { - return fmt.Sprintf("subvol=snapshots/%s", name) -} - -// subvol=images/ -func (s *storageBtrfs) getImageMntOptions(imageFingerprint string) string { - return fmt.Sprintf("subvol=images/%s", imageFingerprint) -} - -// subvol=custom/ -func (s *storageBtrfs) getCustomMntOptions() string { - return fmt.Sprintf("subvol=custom/%s", s.volume.Name) -} - func (s *storageBtrfs) StorageCoreInit() (*storageCore, error) { sCore := storageCore{} sCore.sType = storageTypeBtrfs @@ -501,53 +481,16 @@ func (s *storageBtrfs) StoragePoolVolumeDelete() error { } func (s *storageBtrfs) StoragePoolVolumeMount() (bool, error) { - source := s.pool.Config["source"] - if source == "" { - return false, fmt.Errorf("No \"source\" property found for the storage pool.") - } - - // Check if the storage volume is already mounted. - customMntPoint := getStoragePoolVolumeMountPoint(s.pool.Name, s.volume.Name) - if shared.IsMountPoint(customMntPoint) { - return false, nil - } - - // Mount the storage volume on its mountpoint. - customMntOptions := "" - if !shared.IsBlockdevPath(source) { - // mount("/dev/loop", "/path/to/target", "btrfs", 0, "subvol=subvol/name") - loopF, err := prepareLoopDev(source) - if err != nil { - return false, fmt.Errorf("Could not prepare loop device.") - } - loopDev := loopF.Name() - defer loopF.Close() - - // Pass the btrfs subvolume name as mountoption. - customMntOptions = s.getCustomMntOptions() - err = syscall.Mount(loopDev, customMntPoint, "btrfs", 0, customMntOptions) - if err != nil { - return false, err -
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2917 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 0726acde89727f2e4f605604f5e3c79032ead164 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 20 Feb 2017 16:29:10 -0500 Subject: [PATCH 1/2] config: Always use "simplestreams" for images: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We switched to simplestreams by default as the protocol for the images remote a while back, yet we're still seeing a majority of users use the LXD protocol. This will update existing user configuration to use the right protocol for that remote and hopefully let us one day deprecate the LXD protocol from images.linuxcontainers.org. Signed-off-by: Stéphane Graber --- config.go | 8 1 file changed, 8 insertions(+) diff --git a/config.go b/config.go index 9492740..7217648 100644 --- a/config.go +++ b/config.go @@ -111,6 +111,14 @@ func LoadConfig(path string) (*Config, error) { c.Remotes[k] = v } + // NOTE: Remove this once we only see a small fraction of non-simplestreams users + // Upgrade users to the "simplestreams" protocol + images, ok := c.Remotes["images"] + if ok && images.Protocol != ImagesRemote.Protocol && images.Addr == ImagesRemote.Addr { + c.Remotes["images"] = ImagesRemote + SaveConfig(&c, path) + } + return &c, nil } From ea2a056f0435e5a7cc3c7d30299b282d71f482c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 20 Feb 2017 22:01:15 -0500 Subject: [PATCH 2/2] lvm: Don't hide errors MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/storage_lvm.go | 13 ++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/lxd/storage_lvm.go b/lxd/storage_lvm.go index 4333f23..227494f 100644 --- a/lxd/storage_lvm.go +++ b/lxd/storage_lvm.go @@ -672,12 +672,19 @@ func (s *storageLvm) ContainerDelete(container container) error { snapshotMntPointSymlinkTarget := shared.VarPath("storage-pools", s.pool.Name, "snapshots", sourceName) snapshotMntPointSymlink := shared.VarPath("snapshots", sourceName) err = deleteSnapshotMountpoint(containerMntPoint, snapshotMntPointSymlinkTarget, snapshotMntPointSymlink) + if err != nil { + return err + } } else { err = tryUnmount(containerMntPoint, 0) + if err != nil { + return err + } + err = deleteContainerMountpoint(containerMntPoint, container.Path(), s.GetStorageTypeName()) - } - if err != nil { - return err + if err != nil { + return err + } } return nil ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2902 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 47e5368c976e29e160e1ba245e839a868d404df5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 17 Feb 2017 16:02:12 -0500 Subject: [PATCH 1/2] Makefile: Drop repeated calls to "go get" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Not needed anymore. Signed-off-by: Stéphane Graber --- Makefile | 18 +++--- 1 file changed, 3 insertions(+), 15 deletions(-) diff --git a/Makefile b/Makefile index 5d092ed..e2c7584 100644 --- a/Makefile +++ b/Makefile @@ -13,27 +13,18 @@ TAGS=$(shell test -e /usr/include/sqlite3.h && echo "-tags libsqlite3") .PHONY: default default: - # Must a few times due to go get race - -go get -t -v -d ./... - -go get -t -v -d ./... - -go get -t -v -d ./... + go get -t -v -d ./... go install -v $(TAGS) $(DEBUG) ./... @echo "LXD built successfully" .PHONY: client client: - # Must a few times due to go get race - -go get -t -v -d ./... - -go get -t -v -d ./... - -go get -t -v -d ./... + go get -t -v -d ./... go install -v $(TAGS) $(DEBUG) ./lxc @echo "LXD client built successfully" .PHONY: update update: - # Must a few times due to go get race - -go get -t -v -d -u ./... - -go get -t -v -d -u ./... go get -t -v -d -u ./... @echo "Dependencies updated" @@ -68,9 +59,6 @@ dist: ln -s ../../../../lxd-$(VERSION) $(TMP)/dist/src/github.com/lxc/lxd # Download dependencies - -cd $(TMP)/lxd-$(VERSION) && GOPATH=$(TMP)/dist go get -t -v -d ./... - -cd $(TMP)/lxd-$(VERSION) && GOPATH=$(TMP)/dist go get -t -v -d ./... - -cd $(TMP)/lxd-$(VERSION) && GOPATH=$(TMP)/dist go get -t -v -d ./... cd $(TMP)/lxd-$(VERSION) && GOPATH=$(TMP)/dist go get -t -v -d ./... # Assemble tarball @@ -92,7 +80,7 @@ po/%.po: po/$(DOMAIN).pot msgmerge -U po/$*.po po/$(DOMAIN).pot update-po: - -for lang in $(LINGUAS); do\ + for lang in $(LINGUAS); do\ msgmerge -U $$lang.po po/$(DOMAIN).pot; \ rm -f $$lang.po~; \ done From 50b82f41f3fe6c62a220986d967b12bc0964a0ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 17 Feb 2017 16:04:20 -0500 Subject: [PATCH 2/2] Makefile: Always include gorilla/context MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- Makefile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Makefile b/Makefile index e2c7584..25d894e 100644 --- a/Makefile +++ b/Makefile @@ -61,6 +61,9 @@ dist: # Download dependencies cd $(TMP)/lxd-$(VERSION) && GOPATH=$(TMP)/dist go get -t -v -d ./... + # Workaround for gorilla/mux on Go < 1.7 + cd $(TMP)/lxd-$(VERSION) && GOPATH=$(TMP)/dist go get -v -d github.com/gorilla/context + # Assemble tarball rm $(TMP)/dist/src/github.com/lxc/lxd ln -s ../../../../ $(TMP)/dist/src/github.com/lxc/lxd ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2891 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 5f4f9c6bbadf58792bd707e2720385be67d9ffc0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 15 Feb 2017 12:09:41 -0500 Subject: [PATCH 01/10] doc: Fix storage documentation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - No such thing as storage.default_pool - Fix markdown escaping - Align table columns Signed-off-by: Stéphane Graber --- doc/configuration.md | 37 ++--- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/doc/configuration.md b/doc/configuration.md index b791fbd..a4532fa 100644 --- a/doc/configuration.md +++ b/doc/configuration.md @@ -36,7 +36,6 @@ storage.lvm\_volume\_size | string| 10GiB | - storage.zfs\_pool\_name | string| - | - | ZFS pool name storage.zfs\_remove\_snapshots | boolean | false | storage\_zfs\_remove\_snapshots | Automatically remove any needed snapshot when attempting a container restore storage.zfs\_use\_refquota | boolean | false | storage\_zfs\_use\_refquota | Don't include snapshots as part of container quota (size property) or in reported disk usage -storage.default_pool| string| - | storage | The default storage pool on which to create containers. images.compression\_algorithm | string| gzip | - | Compression algorithm to use for new images (bzip2, gzip, lzma, xz or none) images.remote\_cache\_expiry| integer | 10| - | Number of days after which an unused cached remote image will be flushed images.auto\_update\_interval | integer | 6 | - | Interval in hours at which to look for update to cached images (0 disables it) @@ -386,17 +385,17 @@ overridden on a per-volume basis. ## Storage pool configuration -Key | Type | Condition | Default | Description -:-- | :--| :-- | :-- | :-- -size| string | appropriate driver and source | 0 | Size of the storage pool in bytes (suffixes supported). (Currently valid for loop based pools and zfs.) -source | string | - | - | Path to block device or loop file or filesystem entry -volume.block.filesystem | string | block based driver (lvm) | ext4 | Filesystem to use for new volumes -volume.block.mount_options | string | block based driver (lvm) | discard | Mount options for block devices -volume.lvm.thinpool_name| string | lvm driver| LXDPool | Thin pool where images and containers are created. -volume.size | string | appropriate driver| 0 | Default volume size -volume.zfs.remove_snapshots | bool | zfs driver| false | Remove snapshots as needed -volume.zfs.use_refquota | bool | zfs driver| false | Use refquota instead of quota for space. -zfs.pool_name | string | zfs driver| name of the pool | Name of the zpool +Key | Type | Condition | Default | Description +:-- | :-- | :-- | :-- | :-- +size| string| appropriate driver and source | 0 | Size of the storage pool in bytes (suffixes supported). (Currently valid for loop based pools and zfs.) +source | string| - | - | Path to block device or loop file or filesystem entry +volume.block.filesystem | string| block based driver (lvm) | ext4 | Filesystem to use for new volumes +volume.block.mount\_options | string| block based driver (lvm) | discard | Mount options for block devices +volume.lvm.thinpool\_name | string| lvm driver | LXDPool | Thin pool where images and containers are created. +volume.size | string| appropriate driver | 0 | Default volume size +volume.zfs.remove\_snapshots| bool | zfs driver | false | Remove snapshots as needed +volume.zfs.use\_re
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2884 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Closes #2862 Signed-off-by: Stéphane Graber From d20bfb1fee560119779130a217f81cc356d9a1f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 15 Feb 2017 00:03:30 -0500 Subject: [PATCH] Fix concurent read/write to s.conns in exec MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2862 Signed-off-by: Stéphane Graber --- lxd/container_exec.go | 36 +--- 1 file changed, 29 insertions(+), 7 deletions(-) diff --git a/lxd/container_exec.go b/lxd/container_exec.go index 8cf048e..56da1ff 100644 --- a/lxd/container_exec.go +++ b/lxd/container_exec.go @@ -149,7 +149,11 @@ func (s *execWs) Do(op *operation) error { } for { - mt, r, err := s.conns[-1].NextReader() + s.connsLock.Lock() + conn := s.conns[-1] + s.connsLock.Unlock() + + mt, r, err := conn.NextReader() if mt == websocket.CloseMessage { break } @@ -201,10 +205,16 @@ func (s *execWs) Do(op *operation) error { }() go func() { - readDone, writeDone := shared.WebsocketExecMirror(s.conns[0], ptys[0], ptys[0], attachedChildIsDead, int(ptys[0].Fd())) + s.connsLock.Lock() + conn := s.conns[0] + s.connsLock.Unlock() + + readDone, writeDone := shared.WebsocketExecMirror(conn, ptys[0], ptys[0], attachedChildIsDead, int(ptys[0].Fd())) + <-readDone <-writeDone - s.conns[0].Close() + + conn.Close() wgEOF.Done() }() @@ -213,10 +223,18 @@ func (s *execWs) Do(op *operation) error { for i := 0; i < len(ttys); i++ { go func(i int) { if i == 0 { - <-shared.WebsocketRecvStream(ttys[i], s.conns[i]) + s.connsLock.Lock() + conn := s.conns[i] + s.connsLock.Unlock() + + <-shared.WebsocketRecvStream(ttys[i], conn) ttys[i].Close() } else { - <-shared.WebsocketSendStream(s.conns[i], ptys[i], -1) + s.connsLock.Lock() + conn := s.conns[i] + s.connsLock.Unlock() + + <-shared.WebsocketSendStream(conn, ptys[i], -1) ptys[i].Close() wgEOF.Done() } @@ -229,12 +247,16 @@ func (s *execWs) Do(op *operation) error { tty.Close() } - if s.conns[-1] == nil { + s.connsLock.Lock() + conn := s.conns[-1] + s.connsLock.Unlock() + + if conn == nil { if s.interactive { controlExit <- true } } else { - s.conns[-1].Close() + conn.Close() } attachedChildIsDead <- true ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2861 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 9b3a84583979587386e3df589b8eb7b4ee405ccf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 8 Feb 2017 19:02:18 -0500 Subject: [PATCH 1/5] network: Skip ip6tables clear on non-ipv6 hosts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2842 Signed-off-by: Stéphane Graber --- lxd/networks_iptables.go | 5 + 1 file changed, 5 insertions(+) diff --git a/lxd/networks_iptables.go b/lxd/networks_iptables.go index 1b1ff7d..fb2585e 100644 --- a/lxd/networks_iptables.go +++ b/lxd/networks_iptables.go @@ -41,6 +41,11 @@ func networkIptablesPrepend(protocol string, netName string, table string, chain } func networkIptablesClear(protocol string, netName string, table string) error { + // Detect kernels that lack IPv6 support + if !shared.PathExists("/proc/sys/net/ipv6") && protocol == "ipv6" { + return nil + } + cmd := "iptables" if protocol == "ipv6" { cmd = "ip6tables" From 91a607365786383f9d3e9dde38066e05f31518c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 8 Feb 2017 19:37:45 -0500 Subject: [PATCH 2/5] Disable IPv6 on host side veth when bridged MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2845 Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 5 + 1 file changed, 5 insertions(+) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index dbfbb52..717d5d6 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -5323,6 +5323,11 @@ func (c *containerLXC) createNetworkDevice(name string, m types.Device) (string, deviceRemoveInterface(n2) return "", fmt.Errorf("Failed to add interface to bridge: %s", err) } + + // Attempt to disable IPv6 on the host side interface + if shared.PathExists(fmt.Sprintf("/proc/sys/net/ipv6/conf/%s/disable_ipv6", n1)) { + ioutil.WriteFile(fmt.Sprintf("/proc/sys/net/ipv6/conf/%s/disable_ipv6", n1), []byte("1"), 0644) + } } dev = n2 From 074990d14cf2fa7319cf79a681787f30bbe666d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 8 Feb 2017 19:50:04 -0500 Subject: [PATCH 3/5] tests: Switch to use gofmt instead of "go fmt" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/suites/static_analysis.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/suites/static_analysis.sh b/test/suites/static_analysis.sh index 4d2608c..878bce7 100644 --- a/test/suites/static_analysis.sh +++ b/test/suites/static_analysis.sh @@ -62,7 +62,7 @@ test_static_analysis() { # go fmt git add -u :/ -go fmt ./... +gofmt -w -s ./ git diff --exit-code # make sure the .pot is updated From e7b0a3e1ce6680b6ff3b613477c390110d9f4474 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 8 Feb 2017 19:51:41 -0500 Subject: [PATCH 4/5] db: Rely on CASCADE MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2844 Signed-off-by: Stéphane Graber --- lxd/db_certificates.go | 11 +-- lxd/db_containers.go | 16 ++-- lxd/db_images.go | 8 +--- lxd/db_networks.go | 16 ++-- lxd/db_profiles.go | 20 ++-- 5 files changed, 12 insertions(+), 59 deletions(-) diff --git a/lxd/db_certificates.go b/lxd/db_certificates.go index 09baed4..1f0c0b2 100644 --- a/lxd/db_certificates.go +++ b/lxd/db_certificates.go @@ -110,13 +110,12 @@ func dbCertSave(db *sql.DB, cert *dbCertInfo) error { // dbCertDelete deletes a certificate from the db. func dbCertDelete(db *sql.DB, fingerprint string) error { - _, err := dbExec( - db, - "DELETE FROM certificates WHERE fingerprint=?", - fingerprint, - ) + _, err := dbExec(db, "DELETE FROM certificates WHERE fingerprint=?", fingerprint) + if err != nil { + return err + } - return err + return nil } func dbCertUpdate(db *sql.DB, fingerprint string, certName string, certType int) error { diff --git a/lxd/db_containers.go b/lxd/db_containers.go index 74aacbf..d090178 100644 --- a/lxd/db_containers.go +++ b/lxd/db_containers.go @@ -24,24 +24,12 @@ func dbContainerRemove(db *sql.DB, name string) error { return err
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2833 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From c0334e2f5ac5c33cfdd6488e9237ecf5afc074e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 1 Feb 2017 18:02:52 +0100 Subject: [PATCH 1/2] Clarify CRIU related errors MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container.go | 10 ++ lxd/container_lxc.go | 19 ++- lxd/migrate.go | 12 +++- 3 files changed, 19 insertions(+), 22 deletions(-) diff --git a/lxd/container.go b/lxd/container.go index 2721f47..c151d5f 100644 --- a/lxd/container.go +++ b/lxd/container.go @@ -4,6 +4,7 @@ import ( "fmt" "io" "os" + "os/exec" "strings" "time" @@ -527,15 +528,16 @@ func containerCreateAsSnapshot(d *Daemon, args containerArgs, sourceContainer co // Deal with state if args.Stateful { if !sourceContainer.IsRunning() { - return nil, fmt.Errorf("Container not running, cannot do stateful snapshot") + return nil, fmt.Errorf("Unable to create a stateful snapshot. The container isn't running.") } - if err := findCriu("snapshot"); err != nil { - return nil, err + _, err := exec.LookPath("criu") + if err != nil { + return nil, fmt.Errorf("Unable to create a stateful snapshot. CRIU isn't installed.") } stateDir := sourceContainer.StatePath() - err := os.MkdirAll(stateDir, 0700) + err = os.MkdirAll(stateDir, 0700) if err != nil { return nil, err } diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 631ebfd..2b505b1 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -2509,8 +2509,9 @@ func (c *containerLXC) Restore(sourceContainer container) error { * filesystem manipulations */ if shared.PathExists(c.StatePath()) { - if err := findCriu("snapshot"); err != nil { - return err + _, err := exec.LookPath("criu") + if err != nil { + return fmt.Errorf("Failed to restore container state. CRIU isn't installed.") } } @@ -3897,15 +3898,6 @@ func getCRIULogErrors(imagesDir string, method string) (string, error) { return strings.Join(ret, "\n"), nil } -func findCriu(host string) error { - _, err := exec.LookPath("criu") - if err != nil { - return fmt.Errorf("CRIU is required for live migration but its binary couldn't be found on the %s server. Is it installed in LXD's path?", host) - } - - return nil -} - func (c *containerLXC) Migrate(cmd uint, stateDir string, function string, stop bool, actionScript bool) error { ctxMap := log.Ctx{"name": c.name, "created": c.creationDate, @@ -3915,8 +3907,9 @@ func (c *containerLXC) Migrate(cmd uint, stateDir string, function string, stop "actionscript": actionScript, "stop": stop} - if err := findCriu(function); err != nil { - return err + _, err := exec.LookPath("criu") + if err != nil { + return fmt.Errorf("Unable to perform container live migration. CRIU isn't installed.") } shared.LogInfo("Migrating container", ctxMap) diff --git a/lxd/migrate.go b/lxd/migrate.go index db753d0..7e854c7 100644 --- a/lxd/migrate.go +++ b/lxd/migrate.go @@ -11,6 +11,7 @@ import ( "net/http" "net/url" "os" + "os/exec" "path/filepath" "strings" "sync" @@ -166,8 +167,9 @@ func NewMigrationSource(c container) (*migrationSourceWs, error) { } if c.IsRunning() { - if err := findCriu("source"); err != nil { - return nil, err + _, err := exec.LookPath("criu") + if err != nil { + return nil, fmt.Errorf("Unable to perform container live migration. CRIU isn't installed on the source server.") } ret.live = true @@ -594,11 +596,11 @@ func NewMigrationSink(args *MigrationSinkArgs) (*migrationSink, error) { sink.src.live = ok } - err = findCriu("destination") + _, err = exec.LookPath("criu") if sink.push && sink.dest.live && err != nil { - return nil, err + return nil, fmt.Errorf("Unable to perform container live migration. CRI
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2831 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 4b86598132caf1991bedae40f20add1f396b4307 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 30 Jan 2017 16:34:41 -0500 Subject: [PATCH 1/2] simplestreams: Always prefer squashfs when available MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Makes things less random for users and is usually a bit faster to unpack. Signed-off-by: Stéphane Graber --- shared/simplestreams/simplestreams.go | 76 ++- 1 file changed, 39 insertions(+), 37 deletions(-) diff --git a/shared/simplestreams/simplestreams.go b/shared/simplestreams/simplestreams.go index 490cc4f..6ca7666 100644 --- a/shared/simplestreams/simplestreams.go +++ b/shared/simplestreams/simplestreams.go @@ -107,58 +107,60 @@ func (s *SimpleStreamsManifest) ToLXD() ([]api.Image, map[string][][]string) { continue } - size := int64(0) - filename := "" - fingerprint := "" + var meta SimpleStreamsManifestProductVersionItem + var rootTar SimpleStreamsManifestProductVersionItem + var rootSquash SimpleStreamsManifestProductVersionItem - metaPath := "" - metaHash := "" - rootfsPath := "" - rootfsHash := "" - - found := 0 for _, item := range version.Items { // Skip the files we don't care about if !shared.StringInSlice(item.FileType, []string{"root.tar.xz", "lxd.tar.xz", "squashfs"}) { continue } - found += 1 - - if fingerprint == "" { - if item.LXDHashSha256SquashFs != "" { - fingerprint = item.LXDHashSha256SquashFs - } else if item.LXDHashSha256RootXz != "" { - fingerprint = item.LXDHashSha256RootXz - } else if item.LXDHashSha256 != "" { - fingerprint = item.LXDHashSha256 - } - } if item.FileType == "lxd.tar.xz" { - fields := strings.Split(item.Path, "/") - filename = fields[len(fields)-1] - metaPath = item.Path - metaHash = item.HashSha256 - - size += item.Size + meta = item + } else if item.FileType == "squashfs" { + rootSquash = item + } else if item.FileType == "root.tar.xz" { + rootTar = item } + } - if rootfsPath == "" || rootfsHash == "" { - if item.FileType == "squashfs" { - rootfsPath = item.Path - rootfsHash = item.HashSha256 - } + if meta.FileType == "" || (rootTar.FileType == "" && rootSquash.FileType == "") { + // Invalid image + continue + } - if item.FileType == "root.tar.xz" { - rootfsPath = item.Path - rootfsHash = item.HashSha256 - } + metaPath := meta.Path + metaHash := meta.HashSha256 + rootfsPath := "" + rootfsHash := "" + fields := strings.Split(meta.Path, "/") + filename := fields[len(fields)-1] + size := meta.Size + fingerprint := "" - size += item.Size + if rootSquash.FileType != "" { + if meta.LXDHashSha256SquashFs != "" { +
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2818 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 25a5b2be3790026273ddbc2cf13934d4cf63ef51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 24 Jan 2017 15:45:59 -0500 Subject: [PATCH 1/4] Don't attempt to read xattrs from symlinks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2801 Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 10 ++ 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 6a9c7e0..a67dc16 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -4798,10 +4798,12 @@ func (c *containerLXC) tarStoreFile(linkmap map[uint64]string, offset int, tw *t } } - // Handle xattrs. - hdr.Xattrs, err = shared.GetAllXattr(path) - if err != nil { - return fmt.Errorf("failed to read xattr: %s", err) + // Handle xattrs (for real files only) + if link == "" { + hdr.Xattrs, err = shared.GetAllXattr(path) + if err != nil { + return fmt.Errorf("failed to read xattr: %s", err) + } } if err := tw.WriteHeader(hdr); err != nil { From faa53197550180b80090312bc951c3fe34887684 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 24 Jan 2017 16:32:32 -0500 Subject: [PATCH 2/4] Remove GroupName function and add UserId one MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- shared/util_linux.go | 46 ++ 1 file changed, 22 insertions(+), 24 deletions(-) diff --git a/shared/util_linux.go b/shared/util_linux.go index 9ce2fb0..87b44d6 100644 --- a/shared/util_linux.go +++ b/shared/util_linux.go @@ -19,18 +19,19 @@ import ( // #cgo LDFLAGS: -lutil -lpthread /* #define _GNU_SOURCE -#include -#include -#include -#include -#include -#include #include #include +#include #include #include -#include +#include +#include #include +#include +#include +#include +#include +#include #ifndef AT_SYMLINK_FOLLOW #define AT_SYMLINK_FOLLOW0x400 @@ -277,36 +278,36 @@ func Pipe() (master *os.File, slave *os.File, err error) { return master, slave, nil } -// GroupName is an adaption from https://codereview.appspot.com/4589049. -func GroupName(gid int) (string, error) { - var grp C.struct_group - var result *C.struct_group +// UserId is an adaption from https://codereview.appspot.com/4589049. +func UserId(name string) (int, error) { + var pw C.struct_passwd + var result *C.struct_passwd - bufSize := C.size_t(C.sysconf(C._SC_GETGR_R_SIZE_MAX)) + bufSize := C.size_t(C.sysconf(C._SC_GETPW_R_SIZE_MAX)) buf := C.malloc(bufSize) if buf == nil { - return "", fmt.Errorf("allocation failed") + return -1, fmt.Errorf("allocation failed") } defer C.free(buf) - // mygetgrgid_r is a wrapper around getgrgid_r to - // to avoid using gid_t because C.gid_t(gid) for - // unknown reasons doesn't work on linux. - rv := C.mygetgrgid_r(C.int(gid), - &grp, + cname := C.CString(name) + defer C.free(unsafe.Pointer(cname)) + + rv := C.getpwnam_r(cname, + &pw, (*C.char)(buf), bufSize, &result) if rv != 0 { - return "", fmt.Errorf("failed group lookup: %s", syscall.Errno(rv)) + return -1, fmt.Errorf("failed user lookup: %s", syscall.Errno(rv)) } if result == nil { - return "", fmt.Errorf("unknown group %d", gid) + return -1, fmt.Errorf("unknown user %s", name) } - return C.GoString(result.gr_name), nil + return int(C.int(result.pw_uid)), nil } // GroupId is an adaption from https://codereview.appspot.com/4589049. @@ -321,9 +322,6 @@ func GroupId(name string) (int, error) { } defer C.free(buf) - // mygetgrgid_r is a wrapper around getgrgid_r to - // to avoid using gid_t because C.gid_t(gid) for - // unknown reasons doesn't work on linux. cname := C.CString(name) defer C.free(unsafe.Pointer(cname)) From 7fd66ac74411afa108cdd70f01bdfd3fc24da9b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 24 Jan 2017 14:57:19 -0500 Subject: [PATCH 3/4] network: Update permissions of network directories MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit So that the unprivileged dnsmasq can rea
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2817 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 426461fb2b2aff59aa0a02f3caa970a80398b52a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 24 Jan 2017 11:43:22 -0500 Subject: [PATCH 1/2] Better handle timestamps MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxc/image.go | 6 +++--- lxc/info.go | 4 ++-- lxc/list.go | 4 ++-- shared/simplestreams/simplestreams.go | 4 ++-- shared/util.go| 13 + 5 files changed, 22 insertions(+), 9 deletions(-) diff --git a/lxc/image.go b/lxc/image.go index b4ad827..bd8836f 100644 --- a/lxc/image.go +++ b/lxc/image.go @@ -347,16 +347,16 @@ func (c *imageCmd) run(config *lxd.Config, args []string) error { fmt.Printf(i18n.G("Public: %s")+"\n", public) fmt.Printf(i18n.G("Timestamps:") + "\n") const layout = "2006/01/02 15:04 UTC" - if info.CreatedAt.UTC().Unix() != 0 { + if shared.TimeIsSet(info.CreatedAt) { fmt.Printf(""+i18n.G("Created: %s")+"\n", info.CreatedAt.UTC().Format(layout)) } fmt.Printf(""+i18n.G("Uploaded: %s")+"\n", info.UploadedAt.UTC().Format(layout)) - if info.ExpiresAt.UTC().Unix() != 0 { + if shared.TimeIsSet(info.ExpiresAt) { fmt.Printf(""+i18n.G("Expires: %s")+"\n", info.ExpiresAt.UTC().Format(layout)) } else { fmt.Printf("" + i18n.G("Expires: never") + "\n") } - if info.LastUsedAt.UTC().Unix() != 0 { + if shared.TimeIsSet(info.LastUsedAt) { fmt.Printf(""+i18n.G("Last used: %s")+"\n", info.LastUsedAt.UTC().Format(layout)) } else { fmt.Printf("" + i18n.G("Last used: never") + "\n") diff --git a/lxc/info.go b/lxc/info.go index 30a3f66..2300ce0 100644 --- a/lxc/info.go +++ b/lxc/info.go @@ -91,7 +91,7 @@ func (c *infoCmd) containerInfo(d *lxd.Client, name string, showLog bool) error fmt.Printf(i18n.G("Remote: %s")+"\n", d.Remote.Addr) } fmt.Printf(i18n.G("Architecture: %s")+"\n", ct.Architecture) - if ct.CreatedAt.UTC().Unix() != 0 { + if shared.TimeIsSet(ct.CreatedAt) { fmt.Printf(i18n.G("Created: %s")+"\n", ct.CreatedAt.UTC().Format(layout)) } @@ -211,7 +211,7 @@ func (c *infoCmd) containerInfo(d *lxd.Client, name string, showLog bool) error fields := strings.Split(snap.Name, shared.SnapshotDelimiter) fmt.Printf(" %s", fields[len(fields)-1]) - if snap.CreationDate.UTC().Unix() != 0 { + if shared.TimeIsSet(snap.CreationDate) { fmt.Printf(" ("+i18n.G("taken at %s")+")", snap.CreationDate.UTC().Format(layout)) } diff --git a/lxc/list.go b/lxc/list.go index 1fd9317..e492007 100644 --- a/lxc/list.go +++ b/lxc/list.go @@ -604,7 +604,7 @@ func (c *listCmd) ProfilesColumnData(cInfo api.Container, cState *api.ContainerS func (c *listCmd) CreatedColumnData(cInfo api.Container, cState *api.ContainerState, cSnaps []api.ContainerSnapshot) string { layout := "2006/01/02 15:04 UTC" - if cInfo.CreatedAt.UTC().Unix() != 0 { + if shared.TimeIsSet(cInfo.CreatedAt) { return cInfo.CreatedAt.UTC().Format(layout) } @@ -614,7 +614,7 @@ func (c *listCmd) CreatedColumnData(cInfo api.Container, cState *api.ContainerSt func (c *listCmd) LastUsedColumnData(cInfo api.Container, cState *api.ContainerState, cSnaps []api.ContainerSnapshot) string { layout := "2006/01/02 15:04 UTC" - if !cInfo.LastUsedAt.IsZero() && cInfo.LastUsedAt.UTC().Unix() != 0 { + if !cInfo.LastUsedAt.IsZero() && shared.TimeIsSet(cInfo.LastUsedAt) { return cInfo.LastUsedAt.UTC().Format(layout) } diff --git a/shared/simplestreams/simplestreams.go b/shared/simplestreams/simplestreams.go index d71fcd3..490cc4f 100644 --- a/shared/simplestreams/simplestreams.go +++ b/shared/simplestreams/simplestreams.go @@ -32,11 +32,11 @@ func (a ssSortImage) Swap(i, j int) { func (a ssSortImage) Less(i, j int) bool { if a[i].Properties["os"] == a[j].Properties["os"] { if a[i].Properties["release"] == a[j].Properties["release"] { - if a[i].CreatedAt.UTC().Unix() == 0 { + if !shared.TimeIsSet(a[i].CreatedAt) { return true
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2811 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 98056cc534ccf120c6d054a54a86cbd6e08e3c9e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 23 Jan 2017 00:56:06 -0500 Subject: [PATCH 1/6] api: Add more API extension tags MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- shared/api/container_state.go | 2 ++ shared/api/network.go | 2 ++ 2 files changed, 4 insertions(+) diff --git a/shared/api/container_state.go b/shared/api/container_state.go index f9aa765..9d38f4c 100644 --- a/shared/api/container_state.go +++ b/shared/api/container_state.go @@ -28,6 +28,8 @@ type ContainerStateDisk struct { } // ContainerStateCPU represents the cpu information section of a LXD container's state +// +// API extension: container_cpu_time type ContainerStateCPU struct { Usage int64 `json:"usage"` } diff --git a/shared/api/network.go b/shared/api/network.go index 6c616ab..7773196 100644 --- a/shared/api/network.go +++ b/shared/api/network.go @@ -1,6 +1,8 @@ package api // NetworksPost represents the fields of a new LXD network +// +// API extension: network type NetworksPost struct { NetworkPut `yaml:",inline"` From dc2e136f6c8664a7ad754667220503d198a9650e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 23 Jan 2017 16:22:54 -0500 Subject: [PATCH 2/6] Fix typo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/suites/database_update.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/suites/database_update.sh b/test/suites/database_update.sh index 4856470..577abb3 100644 --- a/test/suites/database_update.sh +++ b/test/suites/database_update.sh @@ -15,7 +15,7 @@ test_database_update(){ tables=$(sqlite3 "${MIGRATE_DB}" ".dump" | grep -c "CREATE TABLE") [ "${tables}" -eq "${expected_tables}" ] || { echo "FAIL: Wrong number of tables after database migration. Found: ${tables}, expected ${expected_tables}"; false; } - # There should be 13 "ON DELETE CASCADE" occurences + # There should be 13 "ON DELETE CASCADE" occurrences expected_cascades=12 cascades=$(sqlite3 "${MIGRATE_DB}" ".dump" | grep -c "ON DELETE CASCADE") [ "${cascades}" -eq "${expected_cascades}" ] || { echo "FAIL: Wrong number of ON DELETE CASCADE foreign keys. Found: ${cascades}, exected: ${expected_cascades}"; false; } From b8d2cc5d750aa84fe4aaf4c273d0a7d6679518e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 23 Jan 2017 17:52:20 -0500 Subject: [PATCH 3/6] network: Properly detect vlans MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2809 Signed-off-by: Stéphane Graber --- lxd/networks.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lxd/networks.go b/lxd/networks.go index 237a883..ce12c42 100644 --- a/lxd/networks.go +++ b/lxd/networks.go @@ -205,6 +205,8 @@ func doNetworkGet(d *Daemon, name string) (api.Network, error) { } n.Type = "bridge" + } else if shared.PathExists(fmt.Sprintf("/proc/net/vlan/%s", n.Name)) { + n.Type = "vlan" } else if shared.PathExists(fmt.Sprintf("/sys/class/net/%s/device", n.Name)) { n.Type = "physical" } else if shared.PathExists(fmt.Sprintf("/sys/class/net/%s/bonding", n.Name)) { From e7f31632ba7f0ebf970826b539ec3e553977eee7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 23 Jan 2017 17:57:20 -0500 Subject: [PATCH 4/6] network: Handle empty dnsmasq pid file MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2767 Signed-off-by: Stéphane Graber --- lxd/networks_utils.go | 11 +++ 1 file changed, 11 insertions(+) diff --git a/lxd/networks_utils.go b/lxd/networks_utils.go index f632121..6122d9d 100644 --- a/lxd/networks_utils.go +++ b/lxd/networks_utils.go @@ -617,6 +617,17 @@ func networkKillDnsmasq(name string, reload bool) error { } pid := strings.TrimSpace(string(content)) + // Check for empty string + if pid == "" { + os.Remove(pidPath) + + if reload { + return fmt.Errorf("dnsmasq isn't running") + } + + return nil + } + // Check if the process still exists if !shared.PathExists(fmt.Sprintf("/proc/%s", pid)) { os.Remove(pidPath) From cd0e39e12e5e43c8992119fecdd12b2ae95933c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 23 Jan 2017 18:03:06
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2786 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 4546b78577b541b25b031e2e4a1a890ebdad898d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 11 Jan 2017 11:46:44 +0200 Subject: [PATCH 01/12] lxc: Export image last use date MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxc/image.go | 5 + 1 file changed, 5 insertions(+) diff --git a/lxc/image.go b/lxc/image.go index b81191d..b4ad827 100644 --- a/lxc/image.go +++ b/lxc/image.go @@ -356,6 +356,11 @@ func (c *imageCmd) run(config *lxd.Config, args []string) error { } else { fmt.Printf("" + i18n.G("Expires: never") + "\n") } + if info.LastUsedAt.UTC().Unix() != 0 { + fmt.Printf(""+i18n.G("Last used: %s")+"\n", info.LastUsedAt.UTC().Format(layout)) + } else { + fmt.Printf("" + i18n.G("Last used: never") + "\n") + } fmt.Println(i18n.G("Properties:")) for key, value := range info.Properties { fmt.Printf("%s: %s\n", key, value) From 2d1c4a4c4ad67ced574cac58f3a57a7a1b9294ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 11 Jan 2017 16:21:50 +0200 Subject: [PATCH 02/12] lxc: Better handle network modifications MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2785 Signed-off-by: Stéphane Graber --- lxc/network.go | 10 +- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lxc/network.go b/lxc/network.go index 777615b..e4d68d2 100644 --- a/lxc/network.go +++ b/lxc/network.go @@ -318,6 +318,10 @@ func (c *networkCmd) doNetworkEdit(client *lxd.Client, name string) error { return err } + if !network.Managed { + return fmt.Errorf(i18n.G("Only managed networks can be modified.")) + } + data, err := yaml.Marshal(&network) if err != nil { return err @@ -441,6 +445,10 @@ func (c *networkCmd) doNetworkSet(client *lxd.Client, name string, args []string return err } + if !network.Managed { + return fmt.Errorf(i18n.G("Only managed networks can be modified.")) + } + key := args[0] var value string if len(args) < 2 { @@ -452,7 +460,7 @@ func (c *networkCmd) doNetworkSet(client *lxd.Client, name string, args []string if !termios.IsTerminal(int(syscall.Stdin)) && value == "-" { buf, err := ioutil.ReadAll(os.Stdin) if err != nil { - return fmt.Errorf("Can't read from stdin: %s", err) + return fmt.Errorf(i18n.G("Can't read from stdin: %s"), err) } value = string(buf[:]) } From 77152604eb7de5a76e90bc9b64d736792e8eec62 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 11 Jan 2017 16:24:55 +0200 Subject: [PATCH 03/12] "gofmt -s" run MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- client.go | 4 +-- config.go | 2 +- lxc/list.go | 24 ++--- lxc/main_test.go | 6 ++-- lxc/manpage.go| 2 +- lxd/container.go | 2 +- lxd/container_lxc.go | 10 +++--- lxd/daemon_config.go | 48 - lxd/db_update.go | 68 +-- lxd/devices.go| 2 +- lxd/devlxd.go | 6 ++-- lxd/main_forkexec.go | 2 +- lxd/main_test.go | 4 +-- lxd/networks.go | 28 +++ lxd/networks_utils.go | 2 +- lxd/patches.go| 4 +-- lxd/types/devices.go | 4 +-- shared/idmapset_linux_test.go | 8 ++--- shared/osarch/architectures.go| 30 shared/simplestreams/simplestreams.go | 2 +- shared/stringset.go | 2 +- shared/util_linux.go | 2 +- 22 files changed, 131 insertions(+), 131 deletions(-) diff --git a/client.go b/client.go index 6d4a867..36ab676 100644 --- a/client.go +++ b/client.go @@ -2505,7 +2505,7 @@ func (c *Client) ContainerDeviceDelete(container, devname string) (*api.Response return nil, err } - for n, _ := range s
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2778 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 9a21c6f4ca8aefe9adf20f539a2df049dcd9a2ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 7 Jan 2017 19:52:23 +0100 Subject: [PATCH 1/2] Drop unused code from db.go MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/db.go | 9 - 1 file changed, 9 deletions(-) diff --git a/lxd/db.go b/lxd/db.go index a76397b..2473958 100644 --- a/lxd/db.go +++ b/lxd/db.go @@ -25,15 +25,6 @@ var ( NoSuchObjectError = fmt.Errorf("No such object") ) -// Profile is here to order Profiles. -type Profile struct { - name string - order int -} - -// Profiles will contain a list of all Profiles. -type Profiles []Profile - // CURRENT_SCHEMA contains the current SQLite SQL Schema. const CURRENT_SCHEMA string = ` CREATE TABLE IF NOT EXISTS certificates ( From dcd3704b15990de95cd2cc057c1629954442f127 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 7 Jan 2017 19:52:35 +0100 Subject: [PATCH 2/2] tests: Fix deadcode to work with new upstream MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/suites/static_analysis.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/suites/static_analysis.sh b/test/suites/static_analysis.sh index 58e4894..4d2608c 100644 --- a/test/suites/static_analysis.sh +++ b/test/suites/static_analysis.sh @@ -38,8 +38,8 @@ test_static_analysis() { ## deadcode if which deadcode >/dev/null 2>&1; then - for path in . lxc/ lxd/ shared/ shared/i18n shared/termios fuidshift/; do -OUT=$(deadcode ${path} 2>&1 | grep -v lxd/migrate.pb.go || true) + for path in . fuidshift lxc lxd lxd/types shared shared/api shared/i18n shared/ioprogress shared/logging shared/osarch shared/simplestreams shared/termios shared/version test/lxd-benchmark; do +OUT=$(deadcode ./${path} 2>&1 | grep -v lxd/migrate.pb.go: | grep -v /C: | grep -vi _cgo | grep -vi _cfunc || true) if [ -n "${OUT}" ]; then echo "${OUT}" >&2 false ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2726 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 616c9ce14f134bd7f47cd5a653b6d3d3d4d624e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 15 Dec 2016 11:03:18 -0500 Subject: [PATCH 01/26] nsexec: Also call setgroups MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This should make some linters happier. Closes #2724 Signed-off-by: Stéphane Graber --- lxd/main_nsexec.go | 11 +-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/lxd/main_nsexec.go b/lxd/main_nsexec.go index 8d5c038..49af9d2 100644 --- a/lxd/main_nsexec.go +++ b/lxd/main_nsexec.go @@ -38,6 +38,7 @@ package main #include #include #include +#include // This expects: // ./lxd forkputfile /source/path /target/path @@ -155,8 +156,8 @@ void attach_userns(int pid) { _exit(1); } - if (setuid(0) < 0) { - fprintf(stderr, "Failed setuid to container root user: %s\n", strerror(errno)); + if (setgroups(0, NULL) < 0) { + fprintf(stderr, "Failed setgroups to container root groups: %s\n", strerror(errno)); _exit(1); } @@ -164,6 +165,12 @@ void attach_userns(int pid) { fprintf(stderr, "Failed setgid to container root group: %s\n", strerror(errno)); _exit(1); } + + if (setuid(0) < 0) { + fprintf(stderr, "Failed setuid to container root user: %s\n", strerror(errno)); + _exit(1); + } + } } } From 78639a3aadf9b420aeb97d8f9d70c65dfd1e880b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 15 Dec 2016 11:24:36 -0500 Subject: [PATCH 02/26] Allow for network-specific lease updates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This prevents a failure when starting a daemon with multiple networks that are down (as network bringup was calling lease updates for all of them). Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 6 +++--- lxd/networks.go | 2 +- lxd/networks_utils.go | 25 +++-- 3 files changed, 19 insertions(+), 14 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 5a15ebc..a24b5ce 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -314,7 +314,7 @@ func containerLXCCreate(d *Daemon, args containerArgs) (container, error) { } // Update lease files - networkUpdateStatic(d) + networkUpdateStatic(d, "") shared.LogInfo("Created container", ctxMap) @@ -2630,7 +2630,7 @@ func (c *containerLXC) Delete() error { } // Update lease files - networkUpdateStatic(c.daemon) + networkUpdateStatic(c.daemon, "") shared.LogInfo("Deleted container", ctxMap) @@ -3608,7 +3608,7 @@ func (c *containerLXC) Update(args containerArgs, userRequested bool) error { } if needsUpdate { - networkUpdateStatic(c.daemon) + networkUpdateStatic(c.daemon, "") } // Success, update the closure to mark that the changes should be kept. diff --git a/lxd/networks.go b/lxd/networks.go index 208a70b..62ed2b9 100644 --- a/lxd/networks.go +++ b/lxd/networks.go @@ -1155,7 +1155,7 @@ func (n *network) Start() error { } // Update the static leases - err = networkUpdateStatic(n.daemon) + err = networkUpdateStatic(n.daemon, n.name) if err != nil { return err } diff --git a/lxd/networks_utils.go b/lxd/networks_utils.go index 43342b7..b5f2199 100644 --- a/lxd/networks_utils.go +++ b/lxd/networks_utils.go @@ -671,24 +671,29 @@ func networkKillDnsmasq(name string, reload bool) error { return nil } -func networkUpdateStatic(d *Daemon) error { +func networkUpdateStatic(d *Daemon, name string) error { // Get all the containers containers, err := dbContainersList(d.db, cTypeRegular) if err != nil { return err } - // Get all the networks - networks, err := dbNetworks(d.db) - if err != nil { - return err + networks := []string{} + if name == "" { + // Get all the networks + networks, err = dbNetworks(d.db) + if err != nil { + return err +
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2704 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 70e9034cc9159a7f486caed81b0f6bfd9e55d3c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 8 Dec 2016 10:26:44 +0100 Subject: [PATCH 1/3] Make it easier to grep for the backup functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/api_internal.go | 6 +++--- lxd/container.go | 4 ++-- lxd/container_lxc.go | 16 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/lxd/api_internal.go b/lxd/api_internal.go index 11ca5aa..6723535 100644 --- a/lxd/api_internal.go +++ b/lxd/api_internal.go @@ -100,13 +100,13 @@ var internalReadyCmd = Command{name: "ready", put: internalReady, get: internalW var internalContainerOnStartCmd = Command{name: "containers/{id}/onstart", get: internalContainerOnStart} var internalContainerOnStopCmd = Command{name: "containers/{id}/onstop", get: internalContainerOnStop} -func slurpSlurpFile(path string) (*slurpFile, error) { +func slurpBackupFile(path string) (*backupFile, error) { data, err := ioutil.ReadFile(path) if err != nil { return nil, err } - sf := slurpFile{} + sf := backupFile{} if err := yaml.Unmarshal(data, &sf); err != nil { return nil, err @@ -129,7 +129,7 @@ func internalImport(d *Daemon, r *http.Request) Response { defer d.Storage.ContainerStop(name, path) - sf, err := slurpSlurpFile(shared.VarPath("containers", name, "backup.yaml")) + sf, err := slurpBackupFile(shared.VarPath("containers", name, "backup.yaml")) if err != nil { return SmartError(err) } diff --git a/lxd/container.go b/lxd/container.go index 373b1bd..fdd3223 100644 --- a/lxd/container.go +++ b/lxd/container.go @@ -566,7 +566,7 @@ func containerCreateAsSnapshot(d *Daemon, args containerArgs, sourceContainer co return nil, err } - err = writeSlurpFile(sourceContainer) + err = writeBackupFile(sourceContainer) if err != nil { c.Delete() return nil, err @@ -694,7 +694,7 @@ func containerConfigureInternal(c container) error { break } - err := writeSlurpFile(c) + err := writeBackupFile(c) if err != nil { return err } diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index e13e43d..cac6b4b 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -2511,10 +2511,10 @@ func (c *containerLXC) Restore(sourceContainer container) error { return err } - // The old slurp file may be out of date (e.g. it doesn't have all the + // The old backup file may be out of date (e.g. it doesn't have all the // current snapshots of the container listed); let's write a new one to // be safe. - err = writeSlurpFile(c) + err = writeBackupFile(c) if err != nil { return err } @@ -2746,13 +2746,13 @@ func (c *containerLXC) ConfigKeySet(key string, value string) error { return c.Update(args, false) } -type slurpFile struct { +type backupFile struct { Container *shared.ContainerInfo `yaml:"container"` Snapshots []*shared.SnapshotInfo `yaml:"snapshots"` } -func writeSlurpFile(c container) error { - /* we only write slurp files out for actual containers */ +func writeBackupFile(c container) error { + /* we only write backup files out for actual containers */ if c.IsSnapshot() { return nil } @@ -2778,7 +2778,7 @@ func writeSlurpFile(c container) error { sis = append(sis, si.(*shared.SnapshotInfo)) } - data, err := yaml.Marshal(&slurpFile{ + data, err := yaml.Marshal(&backupFile{ Container: ci.(*shared.ContainerInfo), Snapshots: sis, }) @@ -3555,9 +3555,9 @@ func (c *containerLXC) Update(args containerArgs, userRequested bool) error { /* we can call Update in some cases when the directory doesn't exist * yet before container creation; this is okay, because at the end of -* container creation we write the slurp file, so let's not worry about +* container creation we write the backup file, so let's not worry about * ENOENT. */ - if err := writeSlurpFile(c); err != nil && !os.IsNotExist(err) { + if err := writeBackupFile(c); err != nil && !os.IsNotExist(err) { return err } From b5864b712071f884350e2651b6ca757d2b2e6b92 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2633 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 13155790f605dc4e09972ed81530de8a4e0ed753 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 21 Nov 2016 17:19:09 -0500 Subject: [PATCH 1/2] doc: Exec recording needs an API extension MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- doc/rest-api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/rest-api.md b/doc/rest-api.md index a8f5946..a017863 100644 --- a/doc/rest-api.md +++ b/doc/rest-api.md @@ -733,7 +733,7 @@ Input (run bash): "command": ["/bin/bash"], # Command and arguments "environment": {}, # Optional extra environment variables to set "wait-for-websocket": false,# Whether to wait for a connection before starting the process -"record-output": false, # Whether to store stdout and stderr (only valid with wait-for-websocket set to false) +"record-output": false, # Whether to store stdout and stderr (only valid with wait-for-websocket=false) (requires API extension container_exec_recording) "interactive": true,# Whether to allocate a pts device instead of PIPEs "width": 80,# Initial width of the terminal (optional) "height": 25, # Initial height of the terminal (optional) From 090e2ecc9986848d7ca279502d199037a2c8e974 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 21 Nov 2016 17:19:41 -0500 Subject: [PATCH 2/2] doc: Fix escaping MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- doc/api-extensions.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/api-extensions.md b/doc/api-extensions.md index a15a2b0..18209b2 100644 --- a/doc/api-extensions.md +++ b/doc/api-extensions.md @@ -145,7 +145,7 @@ Adds the following to the REST API: * PUT of certificate entries * PATCH of certificate entries -## container\_exec\_signal_handling +## container\_exec\_signal\_handling Adds support /1.0/containers//exec for forwarding signals sent to the client to the processes executing in the container. Currently SIGTERM and SIGHUP are forwarded. Further signals that can be forwarded might be added ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2631 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === For some reason "zfs rename" attempts to unmount and remount all descendants. This behavior, combined with what looks like lack of support for mount namespaces in ZFS, causes "zfs rename" to fail despite having succesfuly renamed the dataset. So instead of believing the return code, always check if the rename happened. Closes #2617 Signed-off-by: Stéphane Graber From d00b6e2e080085409e5632e4b83c24ee071f1e67 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sun, 20 Nov 2016 00:28:48 -0500 Subject: [PATCH] zfs: Fix 10s delay on removing used images MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For some reason "zfs rename" attempts to unmount and remount all descendants. This behavior, combined with what looks like lack of support for mount namespaces in ZFS, causes "zfs rename" to fail despite having succesfuly renamed the dataset. So instead of believing the return code, always check if the rename happened. Closes #2617 Signed-off-by: Stéphane Graber --- lxd/storage_zfs.go | 36 +--- 1 file changed, 25 insertions(+), 11 deletions(-) diff --git a/lxd/storage_zfs.go b/lxd/storage_zfs.go index 85d57b4..333ac12 100644 --- a/lxd/storage_zfs.go +++ b/lxd/storage_zfs.go @@ -9,6 +9,7 @@ import ( "strconv" "strings" "syscall" + "time" "github.com/gorilla/websocket" @@ -924,20 +925,33 @@ func (s *storageZfs) zfsGet(path string, key string) (string, error) { } func (s *storageZfs) zfsRename(source string, dest string) error { - output, err := tryExec( - "zfs", - "rename", - "-p", - fmt.Sprintf("%s/%s", s.zfsPool, source), - fmt.Sprintf("%s/%s", s.zfsPool, dest)) - if err != nil { - if s.zfsExists(source) || !s.zfsExists(dest) { - s.log.Error("zfs rename failed", log.Ctx{"output": string(output)}) - return fmt.Errorf("Failed to rename ZFS filesystem: %s", output) + var err error + var output []byte + + for i := 0; i < 20; i++ { + output, err = exec.Command( + "zfs", + "rename", + "-p", + fmt.Sprintf("%s/%s", s.zfsPool, source), + fmt.Sprintf("%s/%s", s.zfsPool, dest)).CombinedOutput() + + // Success + if err == nil { + return nil + } + + // zfs rename can fail because of descendants, yet still manage the rename + if !s.zfsExists(source) && s.zfsExists(dest) { + return nil } + + time.Sleep(500 * time.Millisecond) } - return nil + // Timeout + s.log.Error("zfs rename failed", log.Ctx{"output": string(output)}) + return fmt.Errorf("Failed to rename ZFS filesystem: %s", output) } func (s *storageZfs) zfsSet(path string, key string, value string) error { ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2630 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From c3fab854c51d377d2619f2be24e5304feddd8466 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 19 Nov 2016 18:43:31 -0500 Subject: [PATCH 1/7] test: Better fix LXD_DEBUG MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The previous change didn't really work due to internal function calls. Instead, lets just focus on silencing things once we hit a failure. Signed-off-by: Stéphane Graber --- test/main.sh | 67 1 file changed, 8 insertions(+), 59 deletions(-) diff --git a/test/main.sh b/test/main.sh index 7aeceb6..a29fd98 100755 --- a/test/main.sh +++ b/test/main.sh @@ -51,11 +51,7 @@ if [ -z "${LXD_BACKEND:-}" ]; then fi spawn_lxd() { - # Don't trace internal functions set +x - OLD_DEBUG=${LXD_DEBUG:-} - LXD_DEBUG="" - # LXD_DIR is local here because since $(lxc) is actually a function, it # overwrites the environment and we would lose LXD_DIR's value otherwise. @@ -95,47 +91,27 @@ spawn_lxd() { echo "==> Setting trust password" LXD_DIR="${lxddir}" lxc config set core.trust_password foo + if [ -n "${LXD_DEBUG:-}" ]; then +set -x + fi echo "==> Setting up networking" LXD_DIR="${lxddir}" lxc network attach-profile lxdbr0 default eth0 echo "==> Configuring storage backend" "$LXD_BACKEND"_configure "${lxddir}" - - # Trace everything again - if [ -n "${OLD_DEBUG:-}" ]; then -LXD_DEBUG="${OLD_DEBUG}" -set -x - fi } lxc() { - # Don't trace internal functions - set +x - OLD_DEBUG=${LXD_DEBUG:-} - LXD_DEBUG="" - - # Call lxc_remote LXC_LOCAL=1 lxc_remote "$@" RET=$? unset LXC_LOCAL - - # Trace everything again - if [ -n "${OLD_DEBUG:-}" ]; then -LXD_DEBUG="${OLD_DEBUG}" -set -x - fi - return ${RET} } lxc_remote() { - # Don't trace internal functions set +x - OLD_DEBUG=${LXD_DEBUG:-} - LXD_DEBUG="" - injected=0 cmd=$(which lxc) @@ -156,16 +132,10 @@ lxc_remote() { if [ "${injected}" = "0" ]; then cmd="${cmd} ${DEBUG-}" fi - eval "${cmd}" - RET=$? - - # Trace everything again - if [ -n "${OLD_DEBUG:-}" ]; then -LXD_DEBUG="${OLD_DEBUG}" + if [ -n "${LXD_DEBUG:-}" ]; then set -x fi - - return ${RET} + eval "${cmd}" } gen_cert() { @@ -229,11 +199,6 @@ check_empty_table() { } kill_lxd() { - # Don't trace internal functions - set +x - OLD_DEBUG=${LXD_DEBUG:-} - LXD_DEBUG="" - # LXD_DIR is local here because since $(lxc) is actually a function, it # overwrites the environment and we would lose LXD_DIR's value otherwise. @@ -325,22 +290,12 @@ kill_lxd() { # Remove the daemon from the list sed "\|^${daemon_dir}|d" -i "${TEST_DIR}/daemons" - - # Trace everything again - if [ -n "${OLD_DEBUG:-}" ]; then -LXD_DEBUG="${OLD_DEBUG}" -set -x - fi } cleanup() { - # Don't trace internal functions - set +x - OLD_DEBUG=${LXD_DEBUG:-} - LXD_DEBUG="" - - # Allow for failures during cleanup - set +e + # Allow for failures and stop tracing everything + set +ex + LXD_DEBUG= # Allow for inspection if [ -n "${LXD_INSPECT:-}" ]; then @@ -382,12 +337,6 @@ cleanup() { if [ "${TEST_RESULT}" != "success" ]; then echo "failed test: ${TEST_CURRENT}" fi - - # Trace everything again - if [ -n "${OLD_DEBUG:-}" ]; then -LXD_DEBUG="${OLD_DEBUG}" -set -x - fi } wipe() { From ebd0d78086e024f19209e18792e0d2850589d672 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 19 Nov 2016 18:54:31 -0500 Subject: [PATCH 2/7] test: Don't depend on main.sh for filemanip MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Otherwise if main.sh is owned by a host uid which cannot be mapped into the container, the transfer will fail. Signed-off-by: Stéphane Graber --- test/suites/filemanip.sh | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/test/suites/filemanip.sh b/test/suites/filemanip.sh index 171d3b4..f135e40 100644 --- a/test/suites/filemanip.sh +++ b/test/suites/filemanip.sh @@ -4,12 +4,14 @@ test_filemanip() { ensure_import_testimage ensure_has_localhost_remote "${LXD_ADDR}" + echo "test" > "${TEST_DIR}"/filemanip + lxc launch testimage filemanip lxc exec filemanip -- ln -s /tmp/ /tmp/outside - lxc file push main.sh filemanip/tmp/outside/ + lxc file push "${TEST_DIR}"/filemanip filemanip/tmp/outside/ - [ ! -f /tmp/main.sh ] - lxc exec filemanip -- ls /tmp/main.sh + [ ! -f /tmp/filemanip ] + lxc exec filemanip -- ls /tmp/filemanip # missing files should return 404 err=$(my_curl -o /dev/null
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2595 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From c591d8d730841dc53b9214f3c4181452a9681430 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 4 Nov 2016 14:48:18 -0600 Subject: [PATCH 1/2] Timeout container freeze on stop MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sometimes we can't actually freeze the container, so give up after 5 seconds, restore the processes so that LXC can then normally kill them. Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 12 +++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index f8e840a..89301ce 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -1750,7 +1750,17 @@ func (c *containerLXC) Stop(stateful bool) error { } // Attempt to freeze the container first, helps massively with fork bombs - c.Freeze() + freezer := make(chan bool, 1) + go func() { + c.Freeze() + freezer <- true + }() + + select { + case <-freezer: + case <-time.After(time.Second * 5): + c.Unfreeze() + } if err := c.c.Stop(); err != nil { op.Done(err) From fcd2a0bbbcb7191ab4fed751656a90c6fb26e30e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 4 Nov 2016 14:51:11 -0600 Subject: [PATCH 2/2] Add /snap/bin to PATH even if only /snap exists MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit /snap/bin is created later on by snapd, so lets just assume that it will exist and append /snap/bin so long as /snap exists. Signed-off-by: Stéphane Graber --- lxd/container_exec.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/container_exec.go b/lxd/container_exec.go index 4272b4e..9a020c3 100644 --- a/lxd/container_exec.go +++ b/lxd/container_exec.go @@ -340,7 +340,7 @@ func containerExecPost(d *Daemon, r *http.Request) Response { _, ok := env["PATH"] if !ok { env["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - if shared.PathExists(fmt.Sprintf("%s/snap/bin", c.RootfsPath())) { + if shared.PathExists(fmt.Sprintf("%s/snap", c.RootfsPath())) { env["PATH"] = fmt.Sprintf("%s:/snap/bin", env["PATH"]) } } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2509 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 02a468fe436845bb06db92456d21ce322a056c7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 15 Oct 2016 00:04:24 -0400 Subject: [PATCH 1/2] examples: Use .yaml as the yaml extension MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It's what upstream prefers and what we've been using the most throughout LXD. Signed-off-by: Stéphane Graber --- lxc/config.go | 2 +- lxc/image.go | 2 +- lxc/network.go | 2 +- lxc/profile.go | 2 +- po/de.po | 421 +++- po/fr.po | 401 +- po/ja.po | 455 +++-- po/lxd.pot | 10 +- 8 files changed, 880 insertions(+), 415 deletions(-) diff --git a/lxc/config.go b/lxc/config.go index fff621e..631589a 100644 --- a/lxc/config.go +++ b/lxc/config.go @@ -72,7 +72,7 @@ lxc config show [remote:][container] [--expanded] Show lxc config edit [remote:][container] Edit container or server configuration in external editor. Edit configuration, either by launching external editor or reading STDIN. Example: lxc config edit # launch editor - cat config.yml | lxc config edit # read from config.yml + cat config.yaml | lxc config edit # read from config.yaml lxc config trust list [remote] List all trusted certs. lxc config trust add [remote] Add certfile.crt to trusted hosts. diff --git a/lxc/image.go b/lxc/image.go index 488adab..c032d5c 100644 --- a/lxc/image.go +++ b/lxc/image.go @@ -148,7 +148,7 @@ lxc image show [remote:] lxc image edit [remote:] Edit image, either by launching external editor or reading STDIN. Example: lxc image edit # launch editor - cat image.yml | lxc image edit # read from image.yml + cat image.yaml | lxc image edit # read from image.yaml lxc image alias create [remote:] Create a new alias for an existing image. diff --git a/lxc/network.go b/lxc/network.go index 61be42e..9157947 100644 --- a/lxc/network.go +++ b/lxc/network.go @@ -58,7 +58,7 @@ lxc network deleteDelete a network. lxc network edit Edit network, either by launching external editor or reading STDIN. Example: lxc network edit # launch editor - cat network.yml | lxc network edit # read from network.yml + cat network.yaml | lxc network edit # read from network.yaml lxc network attach [device name] lxc network attach-profile [device name] diff --git a/lxc/profile.go b/lxc/profile.go index 2d03eaa..6c7687e 100644 --- a/lxc/profile.go +++ b/lxc/profile.go @@ -59,7 +59,7 @@ lxc profile deleteDelete a profile. lxc profile edit Edit profile, either by launching external editor or reading STDIN. Example: lxc profile edit # launch editor - cat profile.yml | lxc profile edit # read from profile.yml + cat profile.yaml | lxc profile edit # read from profile.yaml lxc profile assign Assign a comma-separated list of profiles to a container, in order. diff --git a/po/de.po b/po/de.po index 0cfe6e4..410a333 100644 --- a/po/de.po +++ b/po/de.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: LXD\n" "Report-Msgid-Bugs-To: lxc-devel@lists.linuxcontainers.org\n" -"POT-Creation-Date: 2016-08-30 17:59-0400\n" +"POT-Creation-Date: 2016-10-15 00:03-0400\n" "PO-Revision-Date: 2015-06-13 06:10+0200\n" "Last-Translator: Felix Engelmann \n" "Language-Team: \n" @@ -16,19 +16,23 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -#: lxc/info.go:140 +#: lxc/info.go:154 +msgid " CPU usage:" +msgstr "" + +#: lxc/info.go:143 msgid " Disk usage:" msgstr "" -#: lxc/info.go:163 +#: lxc/info.go:177 msgid " Memory usage:" msgstr "" -#: lxc/info.go:180 +#: lxc/info.go:194 msgid " Network usage:" msgstr "" -#: lxc/config.go:37 +#: lxc/config.go:36 #, fuzzy msgid "" "### This is a yaml representation of the configuration.\n" @@ -84,6 +88,44 @@ msgstr "" "### Zum Beispiel:\n" "### description: Mein eigenes Abbild\n" +#: lxc/network.go:28 +#, fuzzy +msgid "" +"### This is a yaml representation of the network.\n" +"### Any line starting with a '# will be ignored.\n" +"###\n" +"### A network consists of a set of configuration items.\n" +"###\n" +"### An example would look like:\n" +"### name: lxdbr0\n" +"### config:\n" +"### ipv4.address: 10.62.42.1/24
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2484 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 92baf6949134bf1ca66c2cd30f77fdee24662e0f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 11 Oct 2016 15:40:59 -0400 Subject: [PATCH 1/4] Fix wording of seccomp error message MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/container.go b/lxd/container.go index 72849ae..6e0150c 100644 --- a/lxd/container.go +++ b/lxd/container.go @@ -54,7 +54,7 @@ func containerValidConfigKey(d *Daemon, key string, value string) error { return nil } } - return fmt.Errorf("security.syscalls.blacklist_compat is only valid on x86_64") + return fmt.Errorf("security.syscalls.blacklist_compat isn't supported on this architecture") } return nil } From 0500eab878f4e6c0585a3001d4f506f986a739c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 11 Oct 2016 15:48:24 -0400 Subject: [PATCH 2/4] Properly validate memory limits MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2483 Signed-off-by: Stéphane Graber --- shared/container.go | 22 +- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/shared/container.go b/shared/container.go index cf558db..4a21a5d 100644 --- a/shared/container.go +++ b/shared/container.go @@ -232,7 +232,27 @@ var KnownContainerConfigKeys = map[string]func(value string) error{ "limits.disk.priority": IsPriority, - "limits.memory": IsAny, + "limits.memory": func(value string) error { + if value == "" { + return nil + } + + if strings.HasSuffix(value, "%") { + _, err := strconv.ParseInt(strings.TrimSuffix(value, "%"), 10, 64) + if err != nil { + return err + } + + return nil + } + + _, err := ParseByteSizeString(value) + if err != nil { + return err + } + + return nil + }, "limits.memory.enforce": func(value string) error { return IsOneOf(value, []string{"soft", "hard"}) }, From 3bde850596f6c1cf5ff54f6c795f3690bc4beebc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 11 Oct 2016 15:56:46 -0400 Subject: [PATCH 3/4] Properly validate CPU allowance MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- shared/container.go | 38 +++--- 1 file changed, 35 insertions(+), 3 deletions(-) diff --git a/shared/container.go b/shared/container.go index 4a21a5d..1e5964c 100644 --- a/shared/container.go +++ b/shared/container.go @@ -226,9 +226,41 @@ var KnownContainerConfigKeys = map[string]func(value string) error{ "boot.autostart.priority":IsInt64, "boot.host_shutdown_timeout": IsInt64, - "limits.cpu": IsAny, - "limits.cpu.allowance": IsAny, - "limits.cpu.priority": IsPriority, + "limits.cpu": IsAny, + "limits.cpu.allowance": func(value string) error { + if value == "" { + return nil + } + + if strings.HasSuffix(value, "%") { + // Percentage based allocation + _, err := strconv.Atoi(strings.TrimSuffix(value, "%")) + if err != nil { + return err + } + + return nil + } + + // Time based allocation + fields := strings.SplitN(value, "/", 2) + if len(fields) != 2 { + return fmt.Errorf("Invalid allowance: %s", value) + } + + _, err := strconv.Atoi(strings.TrimSuffix(fields[0], "ms")) + if err != nil { + return err + } + + _, err = strconv.Atoi(strings.TrimSuffix(fields[1], "ms")) + if err != nil { + return err + } + + return nil + }, + "limits.cpu.priority": IsPriority, "limits.disk.priority": IsPriority, From 84910fd8907e88f51fba723dae6f5f2e7135f53f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 11
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2463 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 6ddb4091643224b5c1d1885ea370f9806226a376 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 6 Oct 2016 12:13:53 +0200 Subject: [PATCH 1/2] Be more verbose on mkdir failure MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/nsexec.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/nsexec.go b/lxd/nsexec.go index cf6d98f..b03e59a 100644 --- a/lxd/nsexec.go +++ b/lxd/nsexec.go @@ -69,7 +69,7 @@ int mkdir_p(const char *dir, mode_t mode) makeme = strndup(orig, dir - orig); if (*makeme) { if (mkdir(makeme, mode) && errno != EEXIST) { - fprintf(stderr, "failed to create directory '%s'", makeme); + fprintf(stderr, "failed to create directory '%s': %s\n", makeme, strerror(errno)); free(makeme); return -1; } From 6ff0b5f3b73e0431785e2da1cf0913d6e3e5fd8d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 6 Oct 2016 13:06:04 +0200 Subject: [PATCH 2/2] Fix forkmount to work with 4.8 and higher MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit A new restriction was placed in the 4.8 kernel that mkdir will return EOVERFLOW if the resulting uid/gid is outside of the container's map. This is a problem for us as we only attach to the mount namespace. So to fix that, we must detect that the kernel supports userns and that the container is in a userns, then attach. Signed-off-by: Stéphane Graber --- lxd/nsexec.go | 34 ++ 1 file changed, 34 insertions(+) diff --git a/lxd/nsexec.go b/lxd/nsexec.go index b03e59a..106e720 100644 --- a/lxd/nsexec.go +++ b/lxd/nsexec.go @@ -368,9 +368,43 @@ void create(char *src, char *dest) { void forkmount(char *buf, char *cur, ssize_t size) { char *src, *dest, *opts; + char nspath[PATH_MAX]; + char userns_source[PATH_MAX]; + char userns_target[PATH_MAX]; + ADVANCE_ARG_REQUIRED(); int pid = atoi(cur); + sprintf(nspath, "/proc/%d/ns/user", pid); + if (access(nspath, F_OK) == 0) { + if (readlink("/proc/self/ns/user", userns_source, 18) < 0) { + fprintf(stderr, "Failed readlink of source namespace: %s\n", strerror(errno)); + _exit(1); + } + + if (readlink(nspath, userns_target, PATH_MAX) < 0) { + fprintf(stderr, "Failed readlink of target namespace: %s\n", strerror(errno)); + _exit(1); + } + + if (strncmp(userns_source, userns_target, PATH_MAX) != 0) { + if (dosetns(pid, "user") < 0) { + fprintf(stderr, "Failed setns to container user namespace: %s\n", strerror(errno)); + _exit(1); + } + + if (setuid(0) < 0) { + fprintf(stderr, "Failed setuid to container root user: %s\n", strerror(errno)); + _exit(1); + } + + if (setgid(0) < 0) { + fprintf(stderr, "Failed setgid to container root group: %s\n", strerror(errno)); + _exit(1); + } + } + } + if (dosetns(pid, "mnt") < 0) { fprintf(stderr, "Failed setns to container mount namespace: %s\n", strerror(errno)); _exit(1); ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2435 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From a3bedb9afba70f0997b26196e7119ce1e61a17f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 29 Sep 2016 00:32:34 -0400 Subject: [PATCH 1/2] test: Force UTC timezone MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/main.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/test/main.sh b/test/main.sh index 5076448..5afa7f9 100755 --- a/test/main.sh +++ b/test/main.sh @@ -4,6 +4,9 @@ # Don't translate lxc output for parsing in it in tests. export "LC_ALL=C" +# Force UTC for consistency +export "TZ=UTC" + if [ -n "${LXD_DEBUG:-}" ]; then set -x DEBUG="--debug" From dd9ef36a7a2bb07503598f35b07539653e6cb43e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 29 Sep 2016 00:37:14 -0400 Subject: [PATCH 2/2] test: Fix apparmor version check MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/suites/basic.sh | 8 1 file changed, 8 insertions(+) diff --git a/test/suites/basic.sh b/test/suites/basic.sh index 5bcfdc9..52824eb 100644 --- a/test/suites/basic.sh +++ b/test/suites/basic.sh @@ -313,7 +313,15 @@ test_basic_usage() { # check that an apparmor profile is created for this container, that it is # unloaded on stop, and that it is deleted when the container is deleted lxc launch testimage lxd-apparmor-test + + MAJOR=0 + MINOR=0 if [ -f /sys/kernel/security/apparmor/features/domain/version ]; then +MAJOR=$(awk '{print $1}' < /sys/kernel/security/apparmor/features/domain/version) +MINOR=$(awk '{print $2}' < /sys/kernel/security/apparmor/features/domain/version) + fi + + if [ "${MAJOR}" -gt "1" ] || ([ "${MAJOR}" = "1" ] && [ "${MINOR}" -ge "2" ]); then aa_namespace="lxd-lxd-apparmor-test_<$(echo "${LXD_DIR}" | sed -e 's/\//-/g' -e 's/^.//')>" aa-status | grep ":${aa_namespace}://unconfined" lxc stop lxd-apparmor-test --force ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2350 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 16f8e3e2b45f14260ae85d3787cdaf5b41244291 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 7 Sep 2016 17:15:48 -0400 Subject: [PATCH 1/2] doc: Spacing cleanup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- doc/rest-api.md | 15 --- 1 file changed, 15 deletions(-) diff --git a/doc/rest-api.md b/doc/rest-api.md index b92dc09..4e0752e 100644 --- a/doc/rest-api.md +++ b/doc/rest-api.md @@ -135,7 +135,6 @@ Code | Meaning 400 | Failure 401 | Cancelled - # Recursion To optimize queries of large lists, recursion is implemented for collections. A "recursion" argument can be passed to a GET query against a collection. @@ -460,7 +459,6 @@ Input (using a public remote image): "alias": "ubuntu/devel"},# Name of the alias } - Input (using a private remote image after having obtained a secret for that image): { @@ -519,7 +517,6 @@ Input (using a local container): "source": "my-old-container"} # Name of the source container } - ## /1.0/containers/\ ### GET * Description: Container information @@ -571,7 +568,6 @@ Output: "status_code": 103 } - ### PUT (ETag supported) * Description: replaces container configuration or restore snapshot * Authentication: trusted @@ -599,7 +595,6 @@ Input (update container configuration): ] } - Takes the same structure as that returned by GET but doesn't allow name changes (see POST below) or changes to the status sub-dict (since that's read-only). @@ -630,7 +625,6 @@ Input: "ephemeral": true } - ### POST * Description: used to rename/migrate the container * Authentication: trusted @@ -824,7 +818,6 @@ Output: } } - ### PUT * Description: change the container state * Authentication: trusted @@ -1046,7 +1039,6 @@ Return (with wait-for-websocket=true and interactive=true): } } - When the exec command finishes, its exit status is available from the operation's metadata: @@ -1124,7 +1116,6 @@ This never returns. Each notification is sent as a separate JSON dict: } } - ## /1.0/images ### GET * Description: list of images (public or private) @@ -1209,7 +1200,6 @@ In the remote image URL case, the following dict must be used: } } - After the input is received by LXD, a background operation is started which will add the image to the store and possibly do some backend filesystem-specific optimizations. @@ -1318,7 +1308,6 @@ client will POST to /1.0/images/\/export to get a secret token which it'll then pass to the target LXD. That target LXD will then GET the image as a guest, passing the secret token. - ## /1.0/images/\/secret ### POST * Description: Generate a random token and tell LXD to expect it be used by a guest @@ -1413,7 +1402,6 @@ Input: "description": "New description" } - ### POST * Description: rename an alias * Authentication: trusted @@ -1557,7 +1545,6 @@ Return: "/1.0/profiles/default" ] - ### POST * Description: define a new profile * Authentication: trusted @@ -1660,13 +1647,11 @@ Input (rename a profile): "name": "new-name" } - HTTP return value must be 204 (No content) and Location must point to the renamed resource. Renaming to an existing name must return the 409 (Conflict) HTTP code. - ### DELETE * Description: remove a profile * Authentication: trusted From 06d8fec90b5028148f70ddd1addb82586dd4f016 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 7 Sep 2016 17:20:08 -0400 Subject: [PATCH 2/2] Consistently handle name conflicts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit All of those were documented as returning a 409 and clearly weren't :) Signed-off-by: Stéphane Graber --- lxd/container_post.go | 6 ++ lxd/container_snapshot.go | 14 +++--- lxd/images.go | 6 ++ lxd/profiles.go | 6 ++ 4 files changed, 29 insertions(+), 3 deletions(-) diff --git a/lxd/container_post.go b/lxd/container_post.go index 58ebf07..5603f29 100644 --- a/lxd/container_post.go +++ b/lxd/container_post.go @@ -47,6 +47,12 @@ func containerPost(d *Daemon, r *http.Request) Response { return OperationResponse(op) } + // Check that the name isn't already in use + id, _ := dbContainerId(d.db, body.Name) + if id != 0 { + return Conflict +
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2345 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From efd6bbf0d3632843c45fc4838796b4373e2e7738 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 5 Sep 2016 18:43:26 -0400 Subject: [PATCH] Rework container operation locking MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This should fix a number of race conditions around start, stop and shutdown. Closes #2297 Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 216 +-- 1 file changed, 139 insertions(+), 77 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index ed9ef60..f28c99a 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -28,9 +28,55 @@ import ( log "gopkg.in/inconshreveable/log15.v2" ) -// Global variables -var lxcStoppingContainersLock sync.Mutex -var lxcStoppingContainers map[int]*sync.WaitGroup = make(map[int]*sync.WaitGroup) +// Operation locking +type lxcContainerOperation struct { + action string + chanDone chan error + err error + id int + timeout int +} + +func (op *lxcContainerOperation) Create(id int, action string, timeout int) *lxcContainerOperation { + op.id = id + op.action = action + op.timeout = timeout + op.chanDone = make(chan error, 0) + + if timeout > 1 { + go func(op *lxcContainerOperation) { + time.Sleep(time.Second * time.Duration(op.timeout)) + op.Done(fmt.Errorf("Container %s operation timed out after %d seconds", op.action, op.timeout)) + }(op) + } + + return op +} + +func (op *lxcContainerOperation) Wait() error { + <-op.chanDone + + return op.err +} + +func (op *lxcContainerOperation) Done(err error) { + lxcContainerOperationsLock.Lock() + defer lxcContainerOperationsLock.Unlock() + + // Check if already done + runningOp, ok := lxcContainerOperations[op.id] + if !ok || runningOp != op { + return + } + + op.err = err + close(op.chanDone) + + delete(lxcContainerOperations, op.id) +} + +var lxcContainerOperationsLock sync.Mutex +var lxcContainerOperations map[int]*lxcContainerOperation = make(map[int]*lxcContainerOperation) // Helper functions func lxcSetConfigItem(c *lxc.Container, key string, value string) error { @@ -248,6 +294,51 @@ type containerLXC struct { storage storage } +func (c *containerLXC) createOperation(action string, timeout int) (*lxcContainerOperation, error) { + op, _ := c.getOperation("") + if op != nil { + return nil, fmt.Errorf("Container is already running a %s operation", op.action) + } + + lxcContainerOperationsLock.Lock() + defer lxcContainerOperationsLock.Unlock() + + op = &lxcContainerOperation{} + op.Create(c.id, action, timeout) + lxcContainerOperations[c.id] = op + + return lxcContainerOperations[c.id], nil +} + +func (c *containerLXC) getOperation(action string) (*lxcContainerOperation, error) { + lxcContainerOperationsLock.Lock() + defer lxcContainerOperationsLock.Unlock() + + op := lxcContainerOperations[c.id] + + if op == nil { + return nil, fmt.Errorf("No running %s container operation", action) + } + + if action != "" && op.action != action { + return nil, fmt.Errorf("Container is running a %s operation, not a %s operation", op.action, action) + } + + return op, nil +} + +func (c *containerLXC) waitOperation() error { + op, _ := c.getOperation("") + if op != nil { + err := op.Wait() + if err != nil { + return err + } + } + + return nil +} + func (c *containerLXC) init() error { // Compute the expanded config and device list err := c.expandConfig() @@ -1262,15 +1353,15 @@ func (c *containerLXC) startCommon() (string, error) { } func (c *containerLXC) Start(stateful bool) error { - // Wait for container tear down to finish - lxcStoppingContainersLock.Lock() - wgStopping, stopping := lxcStoppingContainers[c.id] - lxcStoppingContainersLock.Unlock() - if stopping { - wgStopping.Wait() + // Setup a new operation + op, err := c.createOperation("start", 30) + if err != nil { + return err } + defer op.Done(nil) - if err := setupSharedMounts(); err != nil { + err = setupSharedMounts() + if err != nil { return fmt.Errorf("Daemon failed to setup share
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2331 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 6d84f345d677cac326cbaa3aa3e2fa65c69b0950 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 31 Aug 2016 21:35:01 -0400 Subject: [PATCH] Allow unsetting any config key MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Prevents a DB failure when trying to unset one of the volatile network keys (name or hwaddr). Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 13 - 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 50a1ec9..ed9ef60 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -2192,11 +2192,6 @@ func (c *containerLXC) Update(args containerArgs, userRequested bool) error { return err } - err = c.initLXC() - if err != nil { - return err - } - // Diff the configurations changedConfig := []string{} for key, _ := range oldExpandedConfig { @@ -2649,6 +2644,14 @@ func (c *containerLXC) Update(args containerArgs, userRequested bool) error { return err } + // Invalidate the go-lxc cache + c.c = nil + + err = c.initLXC() + if err != nil { + return err + } + // Success, update the closure to mark that the changes should be kept. undoChanges = false ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2287 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 3822c4e7f61d9ae17a8594a03344330b7bebb12f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 16 Aug 2016 13:18:57 -0400 Subject: [PATCH 1/2] Fix for newer shellcheck MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd-bridge/lxd-bridge | 3 ++- test/backends/btrfs.sh | 6 ++ test/backends/dir.sh | 6 ++ test/backends/lvm.sh | 6 ++ test/backends/zfs.sh | 6 ++ test/main.sh | 15 +++ test/suites/basic.sh | 3 ++- test/suites/devlxd.sh | 2 ++ test/suites/remote.sh | 2 +- test/suites/static_analysis.sh | 2 +- 10 files changed, 43 insertions(+), 8 deletions(-) diff --git a/lxd-bridge/lxd-bridge b/lxd-bridge/lxd-bridge index 67a7829..15390a3 100755 --- a/lxd-bridge/lxd-bridge +++ b/lxd-bridge/lxd-bridge @@ -27,6 +27,7 @@ LXD_IPV6_NETWORK="" LXD_IPV6_NAT="false" LXD_IPV6_PROXY="true" +# shellcheck disable=SC1090 [ ! -f "${config}" ] || . "${config}" use_iptables_lock="-w" @@ -39,7 +40,7 @@ HAS_IPV6=false _netmask2cidr () { # Assumes there's no "255." after a non-255 byte in the mask -local x=${1##*255.} +x=${1##*255.} set -- "0^^^128^192^224^240^248^252^254^" "$(( (${#1} - ${#x})*2 ))" "${x%%.*}" x=${1%%${3}*} echo $(( ${2} + (${#x}/4) )) diff --git a/test/backends/btrfs.sh b/test/backends/btrfs.sh index 5639928..efbcc46 100644 --- a/test/backends/btrfs.sh +++ b/test/backends/btrfs.sh @@ -1,7 +1,9 @@ #!/bin/sh btrfs_setup() { + # shellcheck disable=2039 local LXD_DIR + LXD_DIR=$1 echo "==> Setting up btrfs backend in ${LXD_DIR}" @@ -17,14 +19,18 @@ btrfs_setup() { } btrfs_configure() { + # shellcheck disable=2039 local LXD_DIR + LXD_DIR=$1 echo "==> Configuring btrfs backend in ${LXD_DIR}" } btrfs_teardown() { + # shellcheck disable=2039 local LXD_DIR + LXD_DIR=$1 echo "==> Tearing down btrfs backend in ${LXD_DIR}" diff --git a/test/backends/dir.sh b/test/backends/dir.sh index beeaefc..7a14be5 100644 --- a/test/backends/dir.sh +++ b/test/backends/dir.sh @@ -5,7 +5,9 @@ # Any necessary backend-specific setup dir_setup() { + # shellcheck disable=2039 local LXD_DIR + LXD_DIR=$1 echo "==> Setting up directory backend in ${LXD_DIR}" @@ -13,14 +15,18 @@ dir_setup() { # Do the API voodoo necessary to configure LXD to use this backend dir_configure() { + # shellcheck disable=2039 local LXD_DIR + LXD_DIR=$1 echo "==> Configuring directory backend in ${LXD_DIR}" } dir_teardown() { + # shellcheck disable=2039 local LXD_DIR + LXD_DIR=$1 echo "==> Tearing down directory backend in ${LXD_DIR}" diff --git a/test/backends/lvm.sh b/test/backends/lvm.sh index 0996e0a..862e330 100644 --- a/test/backends/lvm.sh +++ b/test/backends/lvm.sh @@ -1,7 +1,9 @@ #!/bin/sh lvm_setup() { + # shellcheck disable=2039 local LXD_DIR + LXD_DIR=$1 echo "==> Setting up lvm backend in ${LXD_DIR}" @@ -23,7 +25,9 @@ lvm_setup() { } lvm_configure() { + # shellcheck disable=2039 local LXD_DIR + LXD_DIR=$1 echo "==> Configuring lvm backend in ${LXD_DIR}" @@ -33,7 +37,9 @@ lvm_configure() { } lvm_teardown() { + # shellcheck disable=2039 local LXD_DIR + LXD_DIR=$1 echo "==> Tearing down lvm backend in ${LXD_DIR}" diff --git a/test/backends/zfs.sh b/test/backends/zfs.sh index 0a7b515..41013fe 100644 --- a/test/backends/zfs.sh +++ b/test/backends/zfs.sh @@ -1,7 +1,9 @@ #!/bin/sh zfs_setup() { + # shellcheck disable=2039 local LXD_DIR + LXD_DIR=$1 echo "==> Setting up ZFS backend in ${LXD_DIR}" @@ -17,7 +19,9 @@ zfs_setup() { } zfs_configure() { + # shellcheck disable=2039 local LXD_DIR + LXD_DIR=$1 echo "==> Configuring ZFS backend in ${LXD_DIR}" @@ -26,7 +30,9 @@ zfs_configure() { } zfs_teardown() { + # shellcheck disable=2039 local LXD_DIR + LXD_DIR=$1 echo "==> Tearing down ZFS backend in ${LXD_DIR}" diff --git a/test/main.sh b/test/main.sh index 532e7d9..5b38682 100755 --- a/test/main.sh +++ b/test/main.sh @@ -39,6 +39,7 @@ local_tcp_port() { # import all the backends for backend in backends/*.sh; do + # shellcheck disable=SC1090 . "${backend}" done @@ -50,6 +51,8 @@ spawn_lxd() { set +x # LXD_DIR is local here because since $(lxc) is actually a function, it # overwrites the environment and we would lose LXD_DIR's value otherwise. + + # shellcheck disable=2039 local LXD_DIR lxddir=${1} @@ -192,7 +195,10 @@ check_empty_table() { kill_lxd() { # LXD_DIR is local h
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2232 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 97c526777839221f8593f0937985401e521a12df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 22 Jul 2016 15:39:58 -0400 Subject: [PATCH 1/8] Add "lxc profile unset" to help message MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2227 Signed-off-by: Stéphane Graber --- lxc/profile.go | 1 + po/lxd.pot | 21 +++-- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/lxc/profile.go b/lxc/profile.go index 6e424a9..377644b 100644 --- a/lxc/profile.go +++ b/lxc/profile.go @@ -54,6 +54,7 @@ lxc profile createCreate a profile. lxc profile copy Copy the profile to the specified remote. lxc profile get Get profile configuration. lxc profile set Set profile configuration. +lxc profile unsetUnset profile configuration. lxc profile deleteDelete a profile. lxc profile edit Edit profile, either by launching external editor or reading STDIN. diff --git a/po/lxd.pot b/po/lxd.pot index 2c250d3..e02ca6b 100644 --- a/po/lxd.pot +++ b/po/lxd.pot @@ -7,7 +7,7 @@ msgid "" msgstr "Project-Id-Version: lxd\n" "Report-Msgid-Bugs-To: lxc-devel@lists.linuxcontainers.org\n" -"POT-Creation-Date: 2016-07-19 12:41-0700\n" +"POT-Creation-Date: 2016-07-22 15:39-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -86,7 +86,7 @@ msgstr "" msgid "'/' not allowed in snapshot name" msgstr "" -#: lxc/profile.go:253 +#: lxc/profile.go:254 msgid "(none)" msgstr "" @@ -159,7 +159,7 @@ msgstr "" msgid "Can't unset key '%s', it's not currently set." msgstr "" -#: lxc/profile.go:419 +#: lxc/profile.go:420 msgid "Cannot provide container name to list" msgstr "" @@ -187,7 +187,7 @@ msgstr "" msgid "Config key/value to apply to the new container" msgstr "" -#: lxc/config.go:531 lxc/config.go:596 lxc/image.go:729 lxc/profile.go:217 +#: lxc/config.go:531 lxc/config.go:596 lxc/image.go:729 lxc/profile.go:218 #, c-format msgid "Config parsing error: %s" msgstr "" @@ -547,6 +547,7 @@ msgid "Manage configuration profiles.\n" "lxc profile copy Copy the profile to the specified remote.\n" "lxc profile get Get profile configuration.\n" "lxc profile set Set profile configuration.\n" +"lxc profile unsetUnset profile configuration.\n" "lxc profile deleteDelete a profile.\n" "lxc profile edit \n" "Edit profile, either by launching external editor or reading STDIN.\n" @@ -848,7 +849,7 @@ msgid "Presents details on how to use LXD.\n" "lxd help [--all]" msgstr "" -#: lxc/profile.go:218 +#: lxc/profile.go:219 msgid "Press enter to open the editor again" msgstr "" @@ -879,22 +880,22 @@ msgstr "" msgid "Processes: %d" msgstr "" -#: lxc/profile.go:274 +#: lxc/profile.go:275 #, c-format msgid "Profile %s added to %s" msgstr "" -#: lxc/profile.go:169 +#: lxc/profile.go:170 #, c-format msgid "Profile %s created" msgstr "" -#: lxc/profile.go:239 +#: lxc/profile.go:240 #, c-format msgid "Profile %s deleted" msgstr "" -#: lxc/profile.go:305 +#: lxc/profile.go:306 #, c-format msgid "Profile %s removed from %s" msgstr "" @@ -903,7 +904,7 @@ msgstr "" msgid "Profile to apply to the new container" msgstr "" -#: lxc/profile.go:255 +#: lxc/profile.go:256 #, c-format msgid "Profiles %s applied to %s" msgstr "" From 40c5603da142a962e4f71053b770b08653737dbf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 22 Jul 2016 15:46:21 -0400 Subject: [PATCH 2/8] doc: Document raw.seccomp MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2228 Signed-off-by: Stéphane Graber --- doc/configuration.md | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/configuration.md b/doc/configuration.md index 0415d7e..3fc98a5 100644 --- a/doc/configuration.md +++ b/doc/configuration.md @@ -84,6 +84,7 @@ limits.processes | integer | - (max) | yes linux.kernel\_modules| string| - | yes | -| Comma separated list of kernel modules to load before starting the container raw.apparmor | blob | - | yes | -| Apparmor profile entries to be appended
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2192 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From b4280e05b92186fa05b05da8bc2c1966aedf6f42 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 8 Jul 2016 15:43:20 -0400 Subject: [PATCH 1/4] Don't share http client with go routines MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2186 Signed-off-by: Stéphane Graber --- lxc/list.go | 10 ++ 1 file changed, 10 insertions(+) diff --git a/lxc/list.go b/lxc/list.go index 6e2f9b7..a4863c3 100644 --- a/lxc/list.go +++ b/lxc/list.go @@ -231,6 +231,11 @@ func (c *listCmd) listContainers(d *lxd.Client, cinfos []shared.ContainerInfo, f for i := 0; i < threads; i++ { cStatesWg.Add(1) go func() { + d, err := lxd.NewClient(&d.Config, d.Name) + if err != nil { + return + } + for { cName, more := <-cStatesQueue if !more { @@ -251,6 +256,11 @@ func (c *listCmd) listContainers(d *lxd.Client, cinfos []shared.ContainerInfo, f cSnapshotsWg.Add(1) go func() { + d, err := lxd.NewClient(&d.Config, d.Name) + if err != nil { + return + } + for { cName, more := <-cSnapshotsQueue if !more { From e7f54b51408a39c94df2be2b959bd19eb1792f31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 8 Jul 2016 15:58:19 -0400 Subject: [PATCH 2/4] Add comment to iptables rules MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2125 Signed-off-by: Stéphane Graber --- lxd-bridge/lxd-bridge | 36 ++-- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/lxd-bridge/lxd-bridge b/lxd-bridge/lxd-bridge index f3c5f00..a1eab2a 100755 --- a/lxd-bridge/lxd-bridge +++ b/lxd-bridge/lxd-bridge @@ -113,7 +113,7 @@ start() { if [ -n "${LXD_IPV4_ADDR}" ] && [ -n "${LXD_IPV4_NETMASK}" ] && [ -n "${LXD_IPV4_NETWORK}" ]; then echo 1 > /proc/sys/net/ipv4/ip_forward if [ "${LXD_IPV4_NAT}" = "true" ]; then -iptables "${use_iptables_lock}" -t nat -A POSTROUTING -s "${LXD_IPV4_NETWORK}" ! -d "${LXD_IPV4_NETWORK}" -j MASQUERADE +iptables "${use_iptables_lock}" -t nat -A POSTROUTING -s "${LXD_IPV4_NETWORK}" ! -d "${LXD_IPV4_NETWORK}" -j MASQUERADE -m comment --comment "managed by lxd-bridge" fi LXD_IPV4_ARG="--listen-address ${LXD_IPV4_ADDR} --dhcp-range ${LXD_IPV4_DHCP_RANGE} --dhcp-lease-max=${LXD_IPV4_DHCP_MAX}" fi @@ -131,18 +131,18 @@ start() { ip -6 addr add dev "${LXD_BRIDGE}" "${LXD_IPV6_ADDR}/${LXD_IPV6_MASK}" if [ "${LXD_IPV6_NAT}" = "true" ]; then -ip6tables "${use_iptables_lock}" -t nat -A POSTROUTING -s "${LXD_IPV6_NETWORK}" ! -d "${LXD_IPV6_NETWORK}" -j MASQUERADE +ip6tables "${use_iptables_lock}" -t nat -A POSTROUTING -s "${LXD_IPV6_NETWORK}" ! -d "${LXD_IPV6_NETWORK}" -j MASQUERADE -m comment --comment "managed by lxd-bridge" fi LXD_IPV6_ARG="--dhcp-range=${LXD_IPV6_ADDR},ra-stateless,ra-names --listen-address ${LXD_IPV6_ADDR}" fi -iptables "${use_iptables_lock}" -I INPUT -i "${LXD_BRIDGE}" -p udp --dport 67 -j ACCEPT -iptables "${use_iptables_lock}" -I INPUT -i "${LXD_BRIDGE}" -p tcp --dport 67 -j ACCEPT -iptables "${use_iptables_lock}" -I INPUT -i "${LXD_BRIDGE}" -p udp --dport 53 -j ACCEPT -iptables "${use_iptables_lock}" -I INPUT -i "${LXD_BRIDGE}" -p tcp --dport 53 -j ACCEPT -iptables "${use_iptables_lock}" -I FORWARD -i "${LXD_BRIDGE}" -j ACCEPT -iptables "${use_iptables_lock}" -I FORWARD -o "${LXD_BRIDGE}" -j ACCEPT -iptables "${use_iptables_lock}" -t mangle -A POSTROUTING -o "${LXD_BRIDGE}" -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill +iptables "${use_iptables_lock}" -I INPUT -i "${LXD_BRIDGE}" -p udp --dport 67 -j ACCEPT -m comment --comment "managed by lxd-bridge" +iptables "${use_iptables_lock}" -I INPUT -i "${LXD_BRIDGE}" -p tcp --dport 67 -j ACCEPT -m comment --comment "managed by lxd-bridge" +iptables "${use_iptables_lock}" -I INPUT -i "${LXD_BRIDGE}" -p udp --dport 53 -j ACCEPT -m comment --comment "managed by lxd-bridge" +iptables "${use_iptables_lock}" -I INPUT -i "${LXD_BRIDGE}" -p tcp --dport 53 -j ACCEPT -m comment --comment "managed by lxd-bridge" +iptables "${use_iptables_lock}" -I FORWAR
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2168 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From c7d50e57f8acfd01bf244302ea9341f16d62de31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 28 Jun 2016 14:25:34 -0400 Subject: [PATCH 1/3] Makefile: Also have "make dist" run multiple go get MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Makefile b/Makefile index 85a23e2..487f512 100644 --- a/Makefile +++ b/Makefile @@ -58,6 +58,8 @@ dist: rm -Rf lxd-$(VERSION) $(ARCHIVE) $(ARCHIVE).gz mkdir -p lxd-$(VERSION)/dist -GOPATH=$(shell pwd)/lxd-$(VERSION)/dist go get -t -v -d ./... + -GOPATH=$(shell pwd)/lxd-$(VERSION)/dist go get -t -v -d ./... + -GOPATH=$(shell pwd)/lxd-$(VERSION)/dist go get -t -v -d ./... GOPATH=$(shell pwd)/lxd-$(VERSION)/dist go get -t -v -d ./... rm -rf $(shell pwd)/lxd-$(VERSION)/dist/src/github.com/lxc/lxd ln -s ../../../.. ./lxd-$(VERSION)/dist/src/github.com/lxc/lxd From 222b28d51d25e30ebf9f5a86bdb4e8a50ca3b536 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 29 Jun 2016 17:15:57 -0400 Subject: [PATCH 2/3] Improve check for invalid physical devices MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit And drop the rather odd error message :) Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index c3f87a3..3ae3e94 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -3901,8 +3901,8 @@ func (c *containerLXC) insertNetworkDevice(name string, m shared.Device) error { return nil } - if m["hwaddr"] == "" || m["name"] == "" { - return fmt.Errorf("wtf? hwaddr=%s name=%s", m["hwaddr"], m["name"]) + if m["parent"] != "" && !shared.PathExists(fmt.Sprintf("/sys/class/net/%s", m["parent"])) { + return fmt.Errorf("Parent device '%s' doesn't exist", m["parent"]) } // Return empty list if not running From 9ed562a1d122dd5d3b9439d788da007aba32eef9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 30 Jun 2016 13:30:28 -0400 Subject: [PATCH 3/3] simplestreams: list images available as both squashfs and tar.xz MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- shared/simplestreams.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/shared/simplestreams.go b/shared/simplestreams.go index 3aa8f61..b1f4423 100644 --- a/shared/simplestreams.go +++ b/shared/simplestreams.go @@ -153,7 +153,7 @@ func (s *SimpleStreamsManifest) ToLXD() ([]ImageInfo, map[string][][]string) { } } - if found != 2 || size == 0 || filename == "" || fingerprint == "" { + if found < 2 || size == 0 || filename == "" || fingerprint == "" { // Invalid image continue } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2163 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From a733a77580f9c3e677c85dc51f05c8e5af1b5a80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 28 Jun 2016 10:59:26 -0400 Subject: [PATCH 1/2] Use the daemon provided fingerprint on image copy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fallback on client provided fingerprint if no daemon provided fingerprint can be found in operation metadata. Closes #2162 Signed-off-by: Stéphane Graber --- client.go | 28 +--- 1 file changed, 25 insertions(+), 3 deletions(-) diff --git a/client.go b/client.go index 1950fe3..3567127 100644 --- a/client.go +++ b/client.go @@ -710,6 +710,8 @@ func (c *Client) CopyImage(image string, dest *Client, copy_aliases bool, aliase go dest.Monitor([]string{"operation"}, handler) } + fingerprint := info.Fingerprint + for _, addr := range addresses { sourceUrl := "https://"; + addr @@ -723,11 +725,18 @@ func (c *Client) CopyImage(image string, dest *Client, copy_aliases bool, aliase operation = resp.Operation - err = dest.WaitForSuccess(resp.Operation) + op, err := dest.WaitForSuccessOp(resp.Operation) if err != nil { return err } + if op.Metadata != nil { + value, err := op.Metadata.GetString("fingerprint") + if err == nil { + fingerprint = value + } + } + break } @@ -739,7 +748,7 @@ func (c *Client) CopyImage(image string, dest *Client, copy_aliases bool, aliase if copy_aliases { for _, alias := range info.Aliases { dest.DeleteAlias(alias.Name) - err = dest.PostAlias(alias.Name, alias.Description, info.Fingerprint) + err = dest.PostAlias(alias.Name, alias.Description, fingerprint) if err != nil { return fmt.Errorf("Error adding alias %s: %s", alias.Name, err) } @@ -749,7 +758,7 @@ func (c *Client) CopyImage(image string, dest *Client, copy_aliases bool, aliase /* add new aliases */ for _, alias := range aliases { dest.DeleteAlias(alias) - err = dest.PostAlias(alias, alias, info.Fingerprint) + err = dest.PostAlias(alias, alias, fingerprint) if err != nil { return fmt.Errorf("Error adding alias %s: %s\n", alias, err) } @@ -1864,6 +1873,19 @@ func (c *Client) WaitForSuccess(waitURL string) error { return fmt.Errorf(op.Err) } +func (c *Client) WaitForSuccessOp(waitURL string) (*shared.Operation, error) { + op, err := c.WaitFor(waitURL) + if err != nil { + return nil, err + } + + if op.StatusCode == shared.Success { + return op, nil + } + + return op, fmt.Errorf(op.Err) +} + func (c *Client) RestoreSnapshot(container string, snapshotName string, stateful bool) (*Response, error) { if c.Remote.Public { return nil, fmt.Errorf("This function isn't supported by public remotes.") From fcd0f83452184ef0a3edf9752b110ae137c5dd27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 27 Jun 2016 19:16:38 -0400 Subject: [PATCH 2/2] doc: Fix certificates json examples MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- doc/rest-api.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/doc/rest-api.md b/doc/rest-api.md index 3db16a2..4c1b10c 100644 --- a/doc/rest-api.md +++ b/doc/rest-api.md @@ -310,7 +310,7 @@ Input: { "type": "client", # Certificate type (keyring), currently only client "certificate": "PEM certificate", # If provided, a valid x509 certificate. If not, the client certificate of the connection will be used -"name": "foo" # An optional name for the certificate. If nothing is provided, the host in the TLS header for the request is used. +"name": "foo", # An optional name for the certificate. If nothing is provided, the host in the TLS header for the request is used. "password": "server-trust-password" # The trust password for that server (only required if untrusted) } @@ -325,7 +325,8 @@ Output: { "type": "client
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2145 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 7f52ac647f481ddcbdbc6ded789f0f6c50ddaaf0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 21 Jun 2016 18:42:20 -0400 Subject: [PATCH 1/5] Make devices cgroup config more readable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 16 +++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 3afb3e6..8a6586d 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -371,7 +371,21 @@ func (c *containerLXC) initLXC() error { return err } - for _, dev := range []string{"c *:* m", "b *:* m", "c 5:0 rwm", "c 5:1 rwm", "c 1:5 rwm", "c 1:7 rwm", "c 1:3 rwm", "c 1:8 rwm", "c 1:9 rwm", "c 5:2 rwm", "c 136:* rwm"} { + devices := []string{ + "b *:* m", // Allow mknod of block devices + "c *:* m", // Allow mknod of char devices + "c 136:* rwm", // /dev/pts devices + "c 1:3 rwm", // /dev/null + "c 1:5 rwm", // /dev/zero + "c 1:7 rwm", // /dev/full + "c 1:8 rwm", // /dev/random + "c 1:9 rwm", // /dev/urandom + "c 5:0 rwm", // /dev/tty + "c 5:1 rwm", // /dev/console + "c 5:2 rwm", // /dev/ptmx + } + + for _, dev := range devices { err = lxcSetConfigItem(cc, "lxc.cgroup.devices.allow", dev) if err != nil { return err From 65daaf5eef9b6097d95f6a979cf809ac3b1c1005 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 21 Jun 2016 18:43:10 -0400 Subject: [PATCH 2/5] Setup /dev/fuse by default MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 24 +--- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 8a6586d..b340aab 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -328,6 +328,7 @@ func (c *containerLXC) initLXC() error { } bindMounts := []string{ + "/dev/fuse", "/proc/sys/fs/binfmt_misc", "/sys/firmware/efi/efivars", "/sys/fs/fuse/connections", @@ -372,17 +373,18 @@ func (c *containerLXC) initLXC() error { } devices := []string{ - "b *:* m", // Allow mknod of block devices - "c *:* m", // Allow mknod of char devices - "c 136:* rwm", // /dev/pts devices - "c 1:3 rwm", // /dev/null - "c 1:5 rwm", // /dev/zero - "c 1:7 rwm", // /dev/full - "c 1:8 rwm", // /dev/random - "c 1:9 rwm", // /dev/urandom - "c 5:0 rwm", // /dev/tty - "c 5:1 rwm", // /dev/console - "c 5:2 rwm", // /dev/ptmx + "b *:* m", // Allow mknod of block devices + "c *:* m", // Allow mknod of char devices + "c 136:* rwm", // /dev/pts devices + "c 1:3 rwm",// /dev/null + "c 1:5 rwm",// /dev/zero + "c 1:7 rwm",// /dev/full + "c 1:8 rwm",// /dev/random + "c 1:9 rwm",// /dev/urandom + "c 5:0 rwm",// /dev/tty + "c 5:1 rwm",// /dev/console + "c 5:2 rwm",// /dev/ptmx + "c 10:229 rwm", // /dev/fuse } for _, dev := range devices { From 53332466b816a91c57b4c65a306ef2bc129b5a85 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 21 Jun 2016 19:23:43 -0400 Subject: [PATCH 3/5] Better handle bind mounts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 17 ++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index b340aab..6fd0ee4 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -346,9 +346,20 @@ fun
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2142 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From b8c18b754b37b2e02e2f05ac5dddc15c5105978e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 21 Jun 2016 11:36:44 -0400 Subject: [PATCH 1/2] Allow "none" as compression algorithm MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/daemon_config.go | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lxd/daemon_config.go b/lxd/daemon_config.go index ba6..b941999 100644 --- a/lxd/daemon_config.go +++ b/lxd/daemon_config.go @@ -175,7 +175,7 @@ func daemonConfigInit(db *sql.DB) error { "images.auto_update_cached":&daemonConfigKey{valueType: "bool", defaultValue: "true"}, "images.auto_update_interval": &daemonConfigKey{valueType: "int", defaultValue: "6"}, - "images.compression_algorithm": &daemonConfigKey{valueType: "string", validator: daemonConfigValidateCommand, defaultValue: "gzip"}, + "images.compression_algorithm": &daemonConfigKey{valueType: "string", validator: daemonConfigValidateCompression, defaultValue: "gzip"}, "images.remote_cache_expiry": &daemonConfigKey{valueType: "int", defaultValue: "10", trigger: daemonConfigTriggerExpiry}, "storage.lvm_fstype": &daemonConfigKey{valueType: "string", defaultValue: "ext4", validValues: []string{"ext4", "xfs"}}, @@ -312,7 +312,11 @@ func daemonConfigTriggerExpiry(d *Daemon, key string, value string) { d.pruneChan <- true } -func daemonConfigValidateCommand(d *Daemon, key string, value string) error { +func daemonConfigValidateCompression(d *Daemon, key string, value string) error { + if value == "none" { + return nil + } + _, err := exec.LookPath(value) return err } From a830539478d35777f411551d485ddf6ffb0beff3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 21 Jun 2016 12:41:38 -0400 Subject: [PATCH 2/2] init: actually unset the storage keys MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/main.go b/lxd/main.go index 3968e18..99d10b4 100644 --- a/lxd/main.go +++ b/lxd/main.go @@ -833,7 +833,7 @@ they otherwise would. } // Unset all storage keys, core.https_address and core.trust_password - for _, key := range []string{"core.https_address", "core.trust_password"} { + for _, key := range []string{"storage.zfs_pool_name", "core.https_address", "core.trust_password"} { _, err = c.SetServerConfig(key, "") if err != nil { return err ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2130 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From b2039dd030efb39ef011df51ee90aaf81d838e63 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 16 Jun 2016 15:56:59 -0400 Subject: [PATCH 1/4] Fail to add an existing certificate MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/certificates.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/certificates.go b/lxd/certificates.go index a0502aa..f40ae02 100644 --- a/lxd/certificates.go +++ b/lxd/certificates.go @@ -141,7 +141,7 @@ func certificatesPost(d *Daemon, r *http.Request) Response { fingerprint := certGenerateFingerprint(cert) for _, existingCert := range d.clientCerts { if fingerprint == certGenerateFingerprint(&existingCert) { - return EmptySyncResponse + return BadRequest(fmt.Errorf("Certificate already in trust store")) } } From 8555723c814bc0b00b03ad8213cfb9d73819ca77 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 16 Jun 2016 16:25:13 -0400 Subject: [PATCH 2/4] Fix failure to restore on btrfs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2058 Signed-off-by: Stéphane Graber --- lxd/storage_btrfs.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/storage_btrfs.go b/lxd/storage_btrfs.go index 2710c0c..f1b6a7d 100644 --- a/lxd/storage_btrfs.go +++ b/lxd/storage_btrfs.go @@ -249,7 +249,7 @@ func (s *storageBtrfs) ContainerRestore( } else { // Remove the backup, we made if s.isSubvolume(sourceBackupPath) { - return s.subvolDelete(sourceBackupPath) + return s.subvolsDelete(sourceBackupPath) } os.RemoveAll(sourceBackupPath) } From 129040d89359484376808fe8e542ea8aa993db16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 16 Jun 2016 16:40:08 -0400 Subject: [PATCH 3/4] Set Location on sync POST requests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2092 Signed-off-by: Stéphane Graber --- lxd/certificates.go | 17 - lxd/images.go | 4 ++-- lxd/profiles.go | 4 ++-- lxd/response.go | 10 ++ 4 files changed, 22 insertions(+), 13 deletions(-) diff --git a/lxd/certificates.go b/lxd/certificates.go index f40ae02..021b48f 100644 --- a/lxd/certificates.go +++ b/lxd/certificates.go @@ -96,20 +96,25 @@ func saveCert(d *Daemon, host string, cert *x509.Certificate) error { } func certificatesPost(d *Daemon, r *http.Request) Response { + // Parse the request req := certificatesPostBody{} - if err := shared.ReadToJSON(r.Body, &req); err != nil { return BadRequest(err) } + // Access check + if !d.isTrustedClient(r) && d.PasswordCheck(req.Password) != nil { + return Forbidden + } + if req.Type != "client" { return BadRequest(fmt.Errorf("Unknown request type %s", req.Type)) } + // Extract the certificate var cert *x509.Certificate var name string if req.Certificate != "" { - data, err := base64.StdEncoding.DecodeString(req.Certificate) if err != nil { return BadRequest(err) @@ -120,9 +125,7 @@ func certificatesPost(d *Daemon, r *http.Request) Response { return BadRequest(err) } name = req.Name - } else if r.TLS != nil { - if len(r.TLS.PeerCertificates) < 1 { return BadRequest(fmt.Errorf("No client certificate provided")) } @@ -145,10 +148,6 @@ func certificatesPost(d *Daemon, r *http.Request) Response { } } - if !d.isTrustedClient(r) && d.PasswordCheck(req.Password) != nil { - return Forbidden - } - err := saveCert(d, name, cert) if err != nil { return SmartError(err) @@ -156,7 +155,7 @@ func certificatesPost(d *Daemon, r *http.Request) Response { d.clientCerts = append(d.clientCerts, *cert) - return EmptySyncResponse + return SyncResponseLocation(true, nil, fmt.Sprintf("/%s/certificates/%s", shared.APIVersion, fingerprint)) } var certificatesCmd = Command{ diff --git a/lxd/images.go b/lxd/images.go index 8118d8f..b5d8e31 100644 --- a/lxd/images.go +++ b/lxd/images.go @@ -1093,7 +1093,7 @@ func aliasesPost
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2079 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 16eae582b86066845f77f9d7c9a96a85ce50da12 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 3 Jun 2016 14:54:32 -0400 Subject: [PATCH 1/2] patches: Fix DB test, we now have 17 tables MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/suites/database_update.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/suites/database_update.sh b/test/suites/database_update.sh index d89d757..e178ee9 100644 --- a/test/suites/database_update.sh +++ b/test/suites/database_update.sh @@ -11,7 +11,7 @@ test_database_update(){ spawn_lxd "${LXD_MIGRATE_DIR}" # Assert there are enough tables. - expected_tables=16 + expected_tables=17 tables=$(sqlite3 "${MIGRATE_DB}" ".dump" | grep -c "CREATE TABLE") [ "${tables}" -eq "${expected_tables}" ] || { echo "FAIL: Wrong number of tables after database migration. Found: ${tables}, expected ${expected_tables}"; false; } From 2f63efceaadbba432624c2348507b374a74f50d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 3 Jun 2016 15:00:46 -0400 Subject: [PATCH 2/2] Makefile: go get has become worse, now need 3 runs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Ran into that with the recent bugfix releases, make dist was failing, doing one more go get fixed it... Signed-off-by: Stéphane Graber --- Makefile | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index edc11ed..2b08f8e 100644 --- a/Makefile +++ b/Makefile @@ -12,7 +12,8 @@ ARCHIVE=lxd-$(VERSION).tar .PHONY: default default: - # Must run twice due to go get race + # Must a few times due to go get race + -go get -t -v -d ./... -go get -t -v -d ./... -go get -t -v -d ./... go install -v $(DEBUG) ./... @@ -20,7 +21,8 @@ default: .PHONY: client client: - # Must run twice due to go get race + # Must a few times due to go get race + -go get -t -v -d ./... -go get -t -v -d ./... -go get -t -v -d ./... go install -v $(DEBUG) ./lxc @@ -28,7 +30,8 @@ client: .PHONY: update update: - # Must run twice due to go get race + # Must a few times due to go get race + -go get -t -v -d -u ./... -go get -t -v -d -u ./... go get -t -v -d -u ./... @echo "Dependencies updated" ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2045 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From aeaf3fe536919c07c6a6dc21d9c7cc8dfaa61816 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 24 May 2016 14:34:01 -0400 Subject: [PATCH 1/2] Add missing linebreak to lxd help MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/main.go b/lxd/main.go index 27265b8..ba4841c 100644 --- a/lxd/main.go +++ b/lxd/main.go @@ -159,7 +159,7 @@ func run() error { fmt.Printf("callhook\n") fmt.Printf("Call a container hook\n") fmt.Printf("netcat\n") - fmt.Printf("Mirror a unix socket to stdin/stdout") + fmt.Printf("Mirror a unix socket to stdin/stdout\n") } // Parse the arguments From c4995439bccc86ccd4f28283a27bdd8c0c0a4fb5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 25 May 2016 11:35:31 -0400 Subject: [PATCH 2/2] zfs: Improve block device detection MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When attempting to find the right block device for a zpool, only consider actual block devices. Signed-off-by: Stéphane Graber --- lxd/devices.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lxd/devices.go b/lxd/devices.go index 0c95dc8..529450d 100644 --- a/lxd/devices.go +++ b/lxd/devices.go @@ -723,11 +723,11 @@ func deviceGetParentBlocks(path string) ([]string, error) { devices = append(devices, dev) } } - } else if shared.PathExists(fmt.Sprintf("/dev/%s", fields[0])) { + } else if deviceIsBlockdev(fmt.Sprintf("/dev/%s", fields[0])) { path = fmt.Sprintf("/dev/%s", fields[0]) - } else if shared.PathExists(fmt.Sprintf("/dev/disk/by-id/%s", fields[0])) { + } else if deviceIsBlockdev(fmt.Sprintf("/dev/disk/by-id/%s", fields[0])) { path = fmt.Sprintf("/dev/disk/by-id/%s", fields[0]) - } else if shared.PathExists(fmt.Sprintf("/dev/mapper/%s", fields[0])) { + } else if deviceIsBlockdev(fmt.Sprintf("/dev/mapper/%s", fields[0])) { path = fmt.Sprintf("/dev/mapper/%s", fields[0]) } else { continue ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2012 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 434c76566a8ee175380ccbdfb7374e4cd04c7f80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 10 May 2016 18:21:57 -0400 Subject: [PATCH 1/3] Properly record the source of all image copies MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #2010 Signed-off-by: Stéphane Graber --- client.go | 32 +++- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/client.go b/client.go index 6338017..d1f07ea 100644 --- a/client.go +++ b/client.go @@ -580,27 +580,25 @@ func (c *Client) CopyImage(image string, dest *Client, copy_aliases bool, aliase return err } - if c.Remote.Protocol != "simplestreams" { - if !info.Public { - var secret string + if c.Remote.Protocol != "simplestreams" && !info.Public { + var secret string - resp, err := c.post("images/"+image+"/secret", nil, Async) - if err != nil { - return err - } - - op, err := resp.MetadataAsOperation() - if err != nil { - return err - } + resp, err := c.post("images/"+image+"/secret", nil, Async) + if err != nil { + return err + } - secret, err = op.Metadata.GetString("secret") - if err != nil { - return err - } + op, err := resp.MetadataAsOperation() + if err != nil { + return err + } - source["secret"] = secret + secret, err = op.Metadata.GetString("secret") + if err != nil { + return err } + + source["secret"] = secret source["fingerprint"] = image } From 19f39710c4ab67051d622f95baa87bfac7c63e4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 10 May 2016 18:51:27 -0400 Subject: [PATCH 2/3] Don't mark containers as ERROR while being created MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #1988 Signed-off-by: Stéphane Graber --- lxd/storage.go | 11 --- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/lxd/storage.go b/lxd/storage.go index 68f30be..a17b205 100644 --- a/lxd/storage.go +++ b/lxd/storage.go @@ -234,6 +234,9 @@ func newStorageWithConfig(d *Daemon, sType storageType, config map[string]interf } func storageForFilename(d *Daemon, filename string) (storage, error) { + var filesystem string + var err error + config := make(map[string]interface{}) storageType := storageTypeDir @@ -241,9 +244,11 @@ func storageForFilename(d *Daemon, filename string) (storage, error) { return newStorageWithConfig(d, storageTypeMock, config) } - filesystem, err := filesystemDetect(filename) - if err != nil { - return nil, fmt.Errorf("couldn't detect filesystem for '%s': %v", filename, err) + if shared.PathExists(filename) { + filesystem, err = filesystemDetect(filename) + if err != nil { + return nil, fmt.Errorf("couldn't detect filesystem for '%s': %v", filename, err) + } } if shared.PathExists(filename + ".lv") { From fa5861c5deb3dfc5ef3c899ba85d4ef35cae3b25 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Tue, 10 May 2016 19:07:33 -0400 Subject: [PATCH 3/3] Cleanup events sent for operations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This fixes the following two issues: - No-change events being emitted on websocket connects - Out of order events on operation completion Closes #1992 Signed-off-by: Stéphane Graber --- lxd/operations.go | 8 ++-- 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/lxd/operations.go b/lxd/operations.go index 63e9ea9..b50d3c7 100644 --- a/lxd/operations.go +++ b/lxd/operations.go @@ -129,9 +129,11 @@ func (op *operation) Run() (chan error, error) { op.done() chanRun <- nil + op.lock.Lock() shared.Debugf("Success for %s operation: %s", op.class.String(), op.id) _, md, _ := op.Render() eventSend("
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1979 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 31c9400d06ca0d270e97fe485baef231225ce4ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sun, 1 May 2016 10:30:17 -0400 Subject: [PATCH 1/3] zfs: Don't ignore errors MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/storage_zfs.go | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lxd/storage_zfs.go b/lxd/storage_zfs.go index 9c73fc3..4d8d932 100644 --- a/lxd/storage_zfs.go +++ b/lxd/storage_zfs.go @@ -667,7 +667,10 @@ func (s *storageZfs) ImageDelete(fingerprint string) error { } if shared.PathExists(shared.VarPath(fs + ".zfs")) { - os.Remove(shared.VarPath(fs + ".zfs")) + err := os.Remove(shared.VarPath(fs + ".zfs")) + if err != nil { + return err + } } return nil From 2eaad4ab40e9c527e06f2054a7aa937ed204edf7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sun, 1 May 2016 11:51:27 -0400 Subject: [PATCH 2/3] Properly update the mode, uid and gid on existing files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #1975 Signed-off-by: Stéphane Graber --- client.go| 2 +- lxd/container.go | 2 +- lxd/container_lxc.go | 11 +-- lxd/nsexec.go| 41 ++--- shared/util.go | 18 ++ 5 files changed, 59 insertions(+), 15 deletions(-) diff --git a/client.go b/client.go index 7a1e163..0254b5b 100644 --- a/client.go +++ b/client.go @@ -1662,7 +1662,7 @@ func (c *Client) PushFile(container string, p string, gid int, uid int, mode os. return err } -func (c *Client) PullFile(container string, p string) (int, int, os.FileMode, io.ReadCloser, error) { +func (c *Client) PullFile(container string, p string) (int, int, int, io.ReadCloser, error) { if c.Remote.Public { return 0, 0, 0, nil, fmt.Errorf("This function isn't supported by public remotes.") } diff --git a/lxd/container.go b/lxd/container.go index 89b7ac1..b460410 100644 --- a/lxd/container.go +++ b/lxd/container.go @@ -327,7 +327,7 @@ type container interface { // File handling FilePull(srcpath string, dstpath string) (int, int, os.FileMode, error) - FilePush(srcpath string, dstpath string, uid int, gid int, mode os.FileMode) error + FilePush(srcpath string, dstpath string, uid int, gid int, mode int) error // Command execution Exec(command []string, env map[string]string, stdin *os.File, stdout *os.File, stderr *os.File) (int, error) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index eb00220..c2d683d 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -2927,7 +2927,10 @@ func (c *containerLXC) FilePull(srcpath string, dstpath string) (int, int, os.Fi return uid, gid, os.FileMode(mode), nil } -func (c *containerLXC) FilePush(srcpath string, dstpath string, uid int, gid int, mode os.FileMode) error { +func (c *containerLXC) FilePush(srcpath string, dstpath string, uid int, gid int, mode int) error { + var rootUid = 0 + var rootGid = 0 + // Map uid and gid if needed idmapset, err := c.LastIdmapSet() if err != nil { @@ -2936,6 +2939,7 @@ func (c *containerLXC) FilePush(srcpath string, dstpath string, uid int, gid int if idmapset != nil { uid, gid = idmapset.ShiftIntoNs(uid, gid) + rootUid, rootGid = idmapset.ShiftIntoNs(0, 0) } // Setup container storage if needed @@ -2956,7 +2960,10 @@ func (c *containerLXC) FilePush(srcpath string, dstpath string, uid int, gid int dstpath, fmt.Sprintf("%d", uid), fmt.Sprintf("%d", gid), - fmt.Sprintf("%d", mode&os.ModePerm), + fmt.Sprintf("%d", mode), + fmt.Sprintf("%d", rootUid), + fmt.Sprintf("%d", rootGid), + fmt.Sprintf("%d", int(os.FileMode(0640)&os.ModePerm)), ).CombinedOutput() // Tear down container storage if needed diff --git a/lxd/nsexec.go b/lxd/nsexec.go index a25c739..836adad 100644 --- a/lxd/nsexec.go +++ b/lxd/nsexec.go @@ -117,11 +117,12 @@ int dosetns(int pid, char *nstype) { return 0; } -int manip_file_in_ns(char *rootfs, int pid, char *host, char *container, bool is_put, uid_t uid, gid_t gid, mode_t mode) { +int manip_file_in_ns(char *rootfs, int pid, char *host, char *container, bool is_put, uid_t uid, gid_t gid, mode_t mode, uid_t defa
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1970 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From cb8233b7a2dd6c3256c4bacba390097824562326 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 27 Apr 2016 20:19:10 -0400 Subject: [PATCH 1/2] Use the same key check for unix-char and unix-block MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container.go | 19 +-- 1 file changed, 1 insertion(+), 18 deletions(-) diff --git a/lxd/container.go b/lxd/container.go index dd10b30..89b7ac1 100644 --- a/lxd/container.go +++ b/lxd/container.go @@ -112,24 +112,7 @@ func containerValidDeviceConfigKey(t, k string) bool { } switch t { - case "unix-char": - switch k { - case "gid": - return true - case "major": - return true - case "minor": - return true - case "mode": - return true - case "path": - return true - case "uid": - return true - default: - return false - } - case "unix-block": + case "unix-char", "unix-block": switch k { case "gid": return true From 652e49c7505db260ff989c5780c4126951e5f411 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 28 Apr 2016 18:45:36 -0400 Subject: [PATCH 2/2] Allow removing when fs object no longer exists MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This allows for the removal of container, image or snapshot that have been manually removed from the filesystem. Closes #1967 Signed-off-by: Stéphane Graber --- lxd/storage_btrfs.go | 18 +-- lxd/storage_dir.go | 4 ++ lxd/storage_zfs.go | 139 +++ 3 files changed, 91 insertions(+), 70 deletions(-) diff --git a/lxd/storage_btrfs.go b/lxd/storage_btrfs.go index 5093d4c..e9903c0 100644 --- a/lxd/storage_btrfs.go +++ b/lxd/storage_btrfs.go @@ -122,10 +122,12 @@ func (s *storageBtrfs) ContainerDelete(container container) error { } // Then the directory (if it still exists). - err := os.RemoveAll(cPath) - if err != nil { - s.log.Error("ContainerDelete: failed", log.Ctx{"cPath": cPath, "err": err}) - return fmt.Errorf("Error cleaning up %s: %s", cPath, err) + if shared.PathExists(cPath) { + err := os.RemoveAll(cPath) + if err != nil { + s.log.Error("ContainerDelete: failed", log.Ctx{"cPath": cPath, "err": err}) + return fmt.Errorf("Error cleaning up %s: %s", cPath, err) + } } return nil @@ -423,7 +425,13 @@ func (s *storageBtrfs) ImageDelete(fingerprint string) error { imagePath := shared.VarPath("images", fingerprint) subvol := fmt.Sprintf("%s.btrfs", imagePath) - return s.subvolDelete(subvol) + if s.isSubvolume(subvol) { + if err := s.subvolsDelete(subvol); err != nil { + return err + } + } + + return nil } func (s *storageBtrfs) subvolCreate(subvol string) error { diff --git a/lxd/storage_dir.go b/lxd/storage_dir.go index 652d7eb..f0c892e 100644 --- a/lxd/storage_dir.go +++ b/lxd/storage_dir.go @@ -82,6 +82,10 @@ func (s *storageDir) ContainerCanRestore(container container, sourceContainer co func (s *storageDir) ContainerDelete(container container) error { cPath := container.Path() + if !shared.PathExists(cPath) { + return nil + } + err := os.RemoveAll(cPath) if err != nil { // RemovaAll fails on very long paths, so attempt an rm -Rf diff --git a/lxd/storage_zfs.go b/lxd/storage_zfs.go index 7b35aa9..9c73fc3 100644 --- a/lxd/storage_zfs.go +++ b/lxd/storage_zfs.go @@ -182,61 +182,63 @@ func (s *storageZfs) ContainerCanRestore(container container, sourceContainer co func (s *storageZfs) ContainerDelete(container container) error { fs := fmt.Sprintf("containers/%s", container.Name()) - removable := true - snaps, err := s.zfsListSnapshots(fs) - if err != nil { - return err - } - - for _, snap := range snaps { - var err error - removable, err = s.zfsSnapshotRemovable(fs, snap) + if s.zfsExists(fs) { + removable := true + snaps, err := s.zfsListSnapshots(fs)
[lxc-devel] [lxd/master] Bugfixes and tests
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1846 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 130177131f8914e4a182fcf2482a59009ba91e32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sun, 3 Apr 2016 03:00:33 -0400 Subject: [PATCH 1/2] Update bash completion to use --fast MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit That helps when dealing with hundreds of containers. Signed-off-by: Stéphane Graber --- config/bash/lxd-client | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/bash/lxd-client b/config/bash/lxd-client index 97d46ef..631d7e8 100644 --- a/config/bash/lxd-client +++ b/config/bash/lxd-client @@ -4,7 +4,7 @@ _have lxc && { _lxd_names() { COMPREPLY=( $( compgen -W \ -"$( lxc list | tail -n +4 | awk '{print $2}' | egrep -v '^(\||^$)' )" "$cur" ) +"$( lxc list --fast | tail -n +4 | awk '{print $2}' | egrep -v '^(\||^$)' )" "$cur" ) ) } From cb88ef949e3b4d81f50172fd09ef6a85ccfe5bfb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sun, 3 Apr 2016 04:55:46 -0400 Subject: [PATCH 2/2] tests: Add benchmarking tool MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/lxd-benchmark/main.go | 311 + 1 file changed, 311 insertions(+) create mode 100644 test/lxd-benchmark/main.go diff --git a/test/lxd-benchmark/main.go b/test/lxd-benchmark/main.go new file mode 100644 index 000..b3ce881 --- /dev/null +++ b/test/lxd-benchmark/main.go @@ -0,0 +1,311 @@ +package main + +import ( + "fmt" + "io/ioutil" + "os" + "strings" + "sync" + "time" + + "github.com/lxc/lxd" + "github.com/lxc/lxd/shared" + "github.com/lxc/lxd/shared/gnuflag" +) + +var argCount = gnuflag.Int("count", 100, "Number of containers to create") +var argImage = gnuflag.String("image", "ubuntu:", "Image to use for the test") +var argPrivileged = gnuflag.Bool("privileged", false, "Use privileged containers") + +func main() { + err := run(os.Args) + if err != nil { + fmt.Fprintf(os.Stderr, "error: %s\n", err) + os.Exit(1) + } + + os.Exit(0) +} + +func run(args []string) error { + // Parse command line + gnuflag.Parse(true) + + if len(os.Args) == 1 || !shared.StringInSlice(os.Args[1], []string{"spawn", "delete"}) { + fmt.Printf("Usage: %s spawn [--count=COUNT] [--image=IMAGE] [--privileged=BOOL]\n", os.Args[0]) + fmt.Printf(" %s delete\n\n", os.Args[0]) + gnuflag.Usage() + fmt.Printf("\n") + return fmt.Errorf("An action (spawn or delete) must be passed.") + } + + // Connect to LXD + c, err := lxd.NewClient(&lxd.DefaultConfig, "local") + if err != nil { + return err + } + + switch os.Args[1] { + case "spawn": + return spawnContainers(c, *argCount, *argImage, *argPrivileged) + case "delete": + return deleteContainers(c) + } + + return nil +} + +func logf(format string, args ...interface{}) { + fmt.Printf(fmt.Sprintf("[%s] %s\n", time.Now().Format(time.StampMilli), format), args...) +} + +func spawnContainers(c *lxd.Client, count int, image string, privileged bool) error { + // Detect the number of parallel actions + cpus, err := ioutil.ReadDir("/sys/bus/cpu/devices") + if err != nil { + return err + } + + batch := len(cpus) + batches := count / batch + remainder := count % batch + + // Print the test header + st, err := c.ServerStatus() + if err != nil { + return err + } + + privilegedStr := "unprivileged" + if privileged { + privilegedStr = "privileged" + } + + fmt.Printf("Test environment:\n") + fmt.Printf(" Server backend: %s\n", st.Environment.Server) + fmt.Printf(" Server version: %s\n", st.Environment.ServerVersion) + fmt.Printf(" Kernel: %s\n", st.Environment.Kernel) + fmt.Printf(" Kernel architecture: %s\n", st.Environment.KernelArchitecture) + fmt.Printf(" Kernel version: %s\n", st.Environment.KernelVersion) + fmt.Printf(" Storage backend: %s\n", st.Environment.Storage) + fmt.Printf(" Storage version: %s\n", st.Environment.StorageVersion) + fmt.Printf(" Container backend: %s\n", st.Environment.Driver) + fmt.Printf(" Container version: %s\n", st.Environment.DriverVersion) + fmt.Printf("\n") + fmt.Printf("Test variables:\n") + fmt.
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1835 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 325f559e339444abefb74bbaea14d17531004c69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 31 Mar 2016 17:01:04 -0400 Subject: [PATCH 1/2] Failure to unload the apparmor profile isn't fatal MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If it was unloaded already somehow, then that's fine, if it can't be unloaded, then keep it loaded and we'll just replace it on next startup. Closes #1834 Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 7 ++- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 8918160..a8e6037 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -1425,11 +1425,8 @@ func (c *containerLXC) OnStop(target string) error { return err } - // Unlock the apparmor profile - err = AAUnloadProfile(c) - if err != nil { - return err - } + // Unload the apparmor profile + AAUnloadProfile(c) // FIXME: The go routine can go away once we can rely on LXC_TARGET go func(c *containerLXC, target string, wg *sync.WaitGroup) { From 3cb413d8df0ac8f2b6afa0aa880165b8ed7fcf00 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 31 Mar 2016 17:02:01 -0400 Subject: [PATCH 2/2] Prevent deadlock on container stop failure MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #1834 Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 1 + 1 file changed, 1 insertion(+) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index a8e6037..9ad3a9c 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -1422,6 +1422,7 @@ func (c *containerLXC) OnStop(target string) error { // Stop the storage for this container err := c.StorageStop() if err != nil { + wg.Done() return err } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1832 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 092e6ef603d56b2389d9312d6ba03df02de51628 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 30 Mar 2016 22:52:09 -0400 Subject: [PATCH 1/4] doc: Fix bad markdown MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- doc/configuration.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/configuration.md b/doc/configuration.md index 7ad2d02..57dfec6 100644 --- a/doc/configuration.md +++ b/doc/configuration.md @@ -23,9 +23,9 @@ core.https\_address | string| - | Ad core.https\_allowed\_origin | string| - | Access-Control-Allow-Origin http header value core.https\_allowed\_methods| string| - | Access-Control-Allow-Methods http header value core.https\_allowed\_headers| string| - | Access-Control-Allow-Headers http header value -core.proxy\_https | string| - | https proxy to use, if any (falls back to HTTPS_PROXY environment variable) -core.proxy\_http| string| - | http proxy to use, if any (falls back to HTTP_PROXY environment variable) -core.proxy\_ignore\_hosts | string| - | hosts which don't need the proxy for use (similar format to NO_PROXY, e.g. 1.2.3.4,1.2.3.5, falls back to NO_PROXY environment varialbe) +core.proxy\_https | string| - | https proxy to use, if any (falls back to HTTPS\_PROXY environment variable) +core.proxy\_http| string| - | http proxy to use, if any (falls back to HTTP\_PROXY environment variable) +core.proxy\_ignore\_hosts | string| - | hosts which don't need the proxy for use (similar format to NO\_PROXY, e.g. 1.2.3.4,1.2.3.5, falls back to NO\_PROXY environment varialbe) core.trust\_password| string| - | Password to be provided by clients to setup a trust storage.lvm\_vg\_name | string| - | LVM Volume Group name to be used for container and image storage. A default Thin Pool is created using 100% of the free space in the Volume Group, unless `storage.lvm_thinpool_name` is set. storage.lvm\_thinpool\_name | string| "LXDPool" | LVM Thin Pool to use within the Volume Group specified in `storage.lvm_vg_name`, if the default pool parameters are undesirable. From 03139ff3adf6238c3863595f748fb36f4e358b28 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 30 Mar 2016 23:13:25 -0400 Subject: [PATCH 2/4] Apply all templates at container startup time MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #1829 Signed-off-by: Stéphane Graber --- doc/configuration.md | 1 + lxd/container.go | 2 ++ lxd/container_lxc.go | 32 +++- lxd/storage_btrfs.go | 1 - lxd/storage_dir.go | 1 - 5 files changed, 34 insertions(+), 3 deletions(-) diff --git a/doc/configuration.md b/doc/configuration.md index 57dfec6..e07581f 100644 --- a/doc/configuration.md +++ b/doc/configuration.md @@ -91,6 +91,7 @@ Key | Type | Default | Description :-- | :--- | :-- | :-- volatile.\.hwaddr| string| - | Network device MAC address (when no hwaddr property is set on the device itself) volatile.\.name | string| - | Network device name (when no name propery is set on the device itself) +volatile.apply\_template| string| - | The name of a template hook which should be triggered upon next startup volatile.base\_image| string| - | The hash of the image the container was created from, if any. volatile.last\_state.idmap | string| - | Serialized container uid/gid map volatile.last\_state.power | string| - | Container state as of last host shutdown diff --git a/lxd/container.go b/lxd/container.go index b5bea0e..5e216a6 100644 --- a/lxd/container.go +++ b/lxd/container.go @@ -75,6 +75,8 @@ func containerValidConfigKey(k string) bool { return true case "raw.lxc": return true + case "volatile.apply_template": + return true case "volatile.base_image": return true
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1818 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 1c0d2389064a01813c7ad2baf6bb7c8a45aed680 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 28 Mar 2016 14:02:27 -0400 Subject: [PATCH 1/3] Clarify the ZFS restore error MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #1815 Signed-off-by: Stéphane Graber --- lxd/storage_zfs.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/storage_zfs.go b/lxd/storage_zfs.go index a9ecafd..438d2a7 100644 --- a/lxd/storage_zfs.go +++ b/lxd/storage_zfs.go @@ -178,7 +178,7 @@ func (s *storageZfs) ContainerCanRestore(container container, sourceContainer co } if snapshots[len(snapshots)-1] != snapName { - return fmt.Errorf("ZFS only supports restoring state to the latest snapshot.") + return fmt.Errorf("ZFS can only restore from the latest snapshot. Delete newer snapshots or copy the snapshot into a new container instead.") } return nil From 7d54edeb2cd6491b8c21bf05ee7ff8a453f26497 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 28 Mar 2016 17:44:17 -0400 Subject: [PATCH 2/3] lxd-bridge: Don't fail due to missing IPv6 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #1811 Signed-off-by: Stéphane Graber --- lxd-bridge/lxd-bridge | 18 -- 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/lxd-bridge/lxd-bridge b/lxd-bridge/lxd-bridge index 5343ae8..e02d2c6 100755 --- a/lxd-bridge/lxd-bridge +++ b/lxd-bridge/lxd-bridge @@ -32,6 +32,10 @@ LXD_IPV6_PROXY="true" use_iptables_lock="-w" iptables -w -L -n > /dev/null 2>&1 || use_iptables_lock="" +HAS_IPV6=false +[ -e "/proc/sys/net/ipv6/conf/default/disable_ipv6" ] && \ +[ "$(cat /proc/sys/net/ipv6/conf/default/disable_ipv6)" = "0" ] && HAS_IPV6=true + _netmask2cidr () { # Assumes there's no "255." after a non-255 byte in the mask @@ -47,7 +51,7 @@ ifdown() { } ifup() { -ip addr add fe80::1/64 dev "${1}" +[ "${HAS_IPV6}" = "true" ] && ip addr add fe80::1/64 dev "${1}" if [ -n "${LXD_IPV4_NETMASK}" ] && [ -n "${LXD_IPV4_ADDR}" ]; then MASK=$(_netmask2cidr ${LXD_IPV4_NETMASK}) CIDR_ADDR="${LXD_IPV4_ADDR}/${MASK}" @@ -81,8 +85,10 @@ start() { # set up the lxd network [ ! -d "/sys/class/net/${LXD_BRIDGE}" ] && ip link add dev "${LXD_BRIDGE}" type bridge -echo 0 > "/proc/sys/net/ipv6/conf/${LXD_BRIDGE}/autoconf" || true -echo 0 > "/proc/sys/net/ipv6/conf/${LXD_BRIDGE}/accept_dad" || true +if [ "${HAS_IPV6}" = "true" ]; then +echo 0 > "/proc/sys/net/ipv6/conf/${LXD_BRIDGE}/autoconf" || true +echo 0 > "/proc/sys/net/ipv6/conf/${LXD_BRIDGE}/accept_dad" || true +fi # if we are run from systemd on a system with selinux enabled, # the mkdir will create /run/lxd as init_var_run_t which dnsmasq @@ -113,7 +119,7 @@ start() { fi LXD_IPV6_ARG="" -if [ -n "${LXD_IPV6_ADDR}" ] && [ -n "${LXD_IPV6_MASK}" ] && [ -n "${LXD_IPV6_NETWORK}" ]; then +if [ "${HAS_IPV6}" = "true" ] && [ -n "${LXD_IPV6_ADDR}" ] && [ -n "${LXD_IPV6_MASK}" ] && [ -n "${LXD_IPV6_NETWORK}" ]; then # IPv6 sysctls don't respect the "all" path... for interface in /proc/sys/net/ipv6/conf/*; do echo 2 > "${interface}/accept_ra" @@ -161,7 +167,7 @@ start() { dnsmasq ${LXD_CONFILE_ARG} ${LXD_DOMAIN_ARG} -u "${DNSMASQ_USER}" --strict-order --bind-interfaces --pid-file="${varrun}/dnsmasq.pid" --dhcp-no-override --except-interface=lo --interface="${LXD_BRIDGE}" --dhcp-leasefile="${varlib}/dnsmasq.${LXD_BRIDGE}.leases" --dhcp-authoritative ${LXD_IPV4_ARG} ${LXD_IPV6_ARG} || cleanup fi -if [ "${LXD_IPV6_PROXY}" = "true" ]; then +if [ "${HAS_IPV6}" = "true" ] && [ "${LXD_IPV6_PROXY}" = "true" ]; then PATH="${PATH}:$(dirname "${0}")" lxd-bridge-proxy --addr="[fe80::1%${LXD_BRIDGE}]:3128" & PID=$! echo "${PID}" > "${varrun}/proxy.pid" @@ -188,7 +194,7 @@ stop() { iptables ${use_iptables_lock} -t nat -D POSTROUTING -s ${LXD_IPV4_NETWORK} ! -d ${LXD_IPV4_NETWORK} -j MASQUERADE fi -if [ -n "${LXD_IPV6_NETWORK}" ] && [ "${LXD_IPV6_NAT}" = "true" ]; then +if [ "${HAS_IPV6}" = "true" ] && [ -n "${LXD_IPV6_NETWORK}" ] && [ "${LXD_IPV6_NAT}" = "true" ]; then ip6tables ${use_iptables_lock} -t nat -D POSTROUTING -s ${LXD_IPV6_NETWORK} ! -d ${LXD_IPV6_NETWORK} -j MASQUERADE fi From a3e4a7a98a6476c6a508ca9db055a3b373de869c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 28
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1766 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 4c2678bf2e68c90dcde7d3fdf5b37e24f461aff8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 16 Mar 2016 15:52:33 -0400 Subject: [PATCH 1/4] More strictly parse remote URLs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #1763 Signed-off-by: Stéphane Graber --- lxc/remote.go | 24 - po/lxd.pot| 69 +++ 2 files changed, 55 insertions(+), 38 deletions(-) diff --git a/lxc/remote.go b/lxc/remote.go index 0c9cbca..6f54717 100644 --- a/lxc/remote.go +++ b/lxc/remote.go @@ -79,7 +79,7 @@ func getRemoteCertificate(address string) (*x509.Certificate, error) { // Retrieve the certificate if resp.TLS == nil || len(resp.TLS.PeerCertificates) == 0 { - return nil, fmt.Errorf("Unable to read remote TLS certificate") + return nil, fmt.Errorf(i18n.G("Unable to read remote TLS certificate")) } return resp.TLS.PeerCertificates[0], nil @@ -95,24 +95,28 @@ func (c *remoteCmd) addServer(config *lxd.Config, server string, addr string, ac config.Remotes = make(map[string]lxd.RemoteConfig) } - // Fast track simplestreams - if protocol == "simplestreams" { - config.Remotes[server] = lxd.RemoteConfig{Addr: addr, Public: true, Protocol: protocol} - return nil - } - /* Complex remote URL parsing */ remoteURL, err := url.Parse(addr) if err != nil { return err } + // Fast track simplestreams + if protocol == "simplestreams" { + if remoteURL.Scheme != "https" { + return fmt.Errorf(i18n.G("Only https URLs are supported for simplestreams")) + } + + config.Remotes[server] = lxd.RemoteConfig{Addr: addr, Public: true, Protocol: protocol} + return nil + } + if remoteURL.Scheme != "" { if remoteURL.Scheme != "unix" && remoteURL.Scheme != "https" { - rScheme = "https" - } else { - rScheme = remoteURL.Scheme + return fmt.Errorf(i18n.G("Invalid URL scheme \"%s\" in \"%s\""), remoteURL.Scheme, addr) } + + rScheme = remoteURL.Scheme } else if addr[0] == '/' { rScheme = "unix" } else { diff --git a/po/lxd.pot b/po/lxd.pot index 66686ae..c2ec8cf 100644 --- a/po/lxd.pot +++ b/po/lxd.pot @@ -7,7 +7,7 @@ msgid "" msgstr "Project-Id-Version: lxd\n" "Report-Msgid-Bugs-To: lxc-devel@lists.linuxcontainers.org\n" -"POT-Creation-Date: 2016-03-02 19:53-0500\n" +"POT-Creation-Date: 2016-03-16 15:52-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -90,11 +90,11 @@ msgstr "" msgid "ARCHITECTURE" msgstr "" -#: lxc/remote.go:52 +#: lxc/remote.go:53 msgid "Accept certificate" msgstr "" -#: lxc/remote.go:216 +#: lxc/remote.go:250 #, c-format msgid "Admin password for %s: " msgstr "" @@ -143,7 +143,7 @@ msgstr "" msgid "Cannot provide container name to list" msgstr "" -#: lxc/remote.go:166 +#: lxc/remote.go:200 #, c-format msgid "Certificate fingerprint: %x" msgstr "" @@ -155,7 +155,7 @@ msgid "Changes state of one or more containers to %s.\n" "lxc %s [...]" msgstr "" -#: lxc/remote.go:239 +#: lxc/remote.go:273 msgid "Client certificate stored at server: " msgstr "" @@ -205,7 +205,7 @@ msgstr "" msgid "Copying the image: %s" msgstr "" -#: lxc/remote.go:181 +#: lxc/remote.go:215 msgid "Could not create server cert dir" msgstr "" @@ -251,12 +251,12 @@ msgid "Delete containers or container snapshots.\n" "Destroy containers or snapshots with any attached data (configuration, snapshots, ...)." msgstr "" -#: lxc/config.go:606 +#: lxc/config.go:610 #, c-format msgid "Device %s added to %s" msgstr "" -#: lxc/config.go:634 +#: lxc/config.go:640 #, c-format msgid "Device %s removed from %s" msgstr "" @@ -384,6 +384,11 @@ msgid "Initialize a container from a particular image.\n" "lxc init ubuntu u1" msgstr "" +#: lxc/remote.go:116 +#, c-format +msgid "Invalid URL scheme \"%s\" in \"%s\"" +msgstr "" + #: lxc/init.go:30 lxc/init.go:35 msgid "Invalid configuration key" msgstr "" @@ -552,7 +557,7 @@ msgid "Manage files on a container.\n" " in the case of pull, in the case of push and in the case of edit are /" msgstr "
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1774 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 1c1d595f10b44c5ac8dac2f8e61e6d120413ece2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 17 Mar 2016 15:06:46 -0400 Subject: [PATCH 1/2] Improve error reporting on image POST MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #1772 Signed-off-by: Stéphane Graber --- lxd/images.go | 9 - 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/lxd/images.go b/lxd/images.go index 96a9f8e..b0cef5b 100644 --- a/lxd/images.go +++ b/lxd/images.go @@ -651,9 +651,16 @@ func imagesPost(d *Daemon, r *http.Request) Response { // Is this a container request? post.Seek(0, 0) decoder := json.NewDecoder(post) + imageUpload := false + req := imagePostReq{} err = decoder.Decode(&req) - imageUpload := err != nil + if err != nil { + if r.Header.Get("Content-Type") == "application/json" { + return BadRequest(err) + } + imageUpload = true + } if !imageUpload && !shared.StringInSlice(req.Source["type"], []string{"container", "snapshot", "image", "url"}) { cleanup(builddir, post) From d43a119b8ffcb9e58809c6c4e67209acc066118f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 17 Mar 2016 15:46:42 -0400 Subject: [PATCH 2/2] Fix error handling logic around snapshots MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #1768 Signed-off-by: Stéphane Graber --- lxd/container.go | 25 - 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/lxd/container.go b/lxd/container.go index e0b02c8..b5bea0e 100644 --- a/lxd/container.go +++ b/lxd/container.go @@ -482,26 +482,18 @@ func containerCreateAsCopy(d *Daemon, args containerArgs, sourceContainer contai } func containerCreateAsSnapshot(d *Daemon, args containerArgs, sourceContainer container) (container, error) { - // Create the snapshot - c, err := containerCreateInternal(d, args) - if err != nil { - return nil, err - } - // Deal with state if args.Stateful { + if !sourceContainer.IsRunning() { + return nil, fmt.Errorf("Container not running, cannot do stateful snapshot") + } + stateDir := sourceContainer.StatePath() - err = os.MkdirAll(stateDir, 0700) + err := os.MkdirAll(stateDir, 0700) if err != nil { - c.Delete() return nil, err } - if !sourceContainer.IsRunning() { - c.Delete() - return nil, fmt.Errorf("Container not running, cannot do stateful snapshot") - } - /* TODO: ideally we would freeze here and unfreeze below after * we've copied the filesystem, to make sure there are no * changes by the container while snapshotting. Unfortunately @@ -520,10 +512,17 @@ func containerCreateAsSnapshot(d *Daemon, args containerArgs, sourceContainer co } if err != nil { + os.RemoveAll(sourceContainer.StatePath()) return nil, err } } + // Create the snapshot + c, err := containerCreateInternal(d, args) + if err != nil { + return nil, err + } + // Clone the container if err := sourceContainer.Storage().ContainerSnapshotCreate(c, sourceContainer); err != nil { c.Delete() ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1741 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From e4b1fc877d2c02d4002c3a76eb46d1f606e83adc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 10 Mar 2016 12:48:03 -0500 Subject: [PATCH 1/2] Don't generate client certificates whe calling NewClient MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #1738 Signed-off-by: Stéphane Graber --- client.go | 42 +- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/client.go b/client.go index 0479005..bb19b67 100644 --- a/client.go +++ b/client.go @@ -143,15 +143,6 @@ func HoistResponse(r *http.Response, rtype ResponseType) (*Response, error) { return resp, nil } -func ensureMyCert(configDir string) (string, string, error) { - certf := path.Join(configDir, "client.crt") - keyf := path.Join(configDir, "client.key") - - err := shared.FindOrGenCert(certf, keyf) - - return certf, keyf, err -} - // NewClient returns a new LXD client. func NewClient(config *Config, remote string) (*Client, error) { if remote == "" { @@ -173,20 +164,29 @@ func NewClient(config *Config, remote string) (*Client, error) { info.RemoteConfig.Addr = fmt.Sprintf("unix:%s", shared.VarPath("unix.socket")) } } else { - certf, keyf, err := ensureMyCert(config.ConfigDir) - if err != nil { - return nil, err - } - certBytes, err := ioutil.ReadFile(certf) - if err != nil { - return nil, err + // Read the client certificate (if it exists) + clientCertPath := path.Join(config.ConfigDir, "client.crt") + if shared.PathExists(clientCertPath) { + certBytes, err := ioutil.ReadFile(clientCertPath) + if err != nil { + return nil, err + } + + info.ClientPEMCert = string(certBytes) } - keyBytes, err := ioutil.ReadFile(keyf) - if err != nil { - return nil, err + + // Read the client key (if it exists) + clientKeyPath := path.Join(config.ConfigDir, "client.key") + if shared.PathExists(clientKeyPath) { + keyBytes, err := ioutil.ReadFile(clientKeyPath) + if err != nil { + return nil, err + } + + info.ClientPEMKey = string(keyBytes) } - info.ClientPEMCert = string(certBytes) - info.ClientPEMKey = string(keyBytes) + + // Read the server certificate (if it exists) serverCertPath := config.ServerCertPath(remote) if shared.PathExists(serverCertPath) { cert, err := shared.ReadCert(serverCertPath) From 632d101450e7769fd8f3f2817aa37bbc219f7605 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 10 Mar 2016 13:29:25 -0500 Subject: [PATCH 2/2] Forward errors from forkgetfile and forkputfile MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #1740 Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 8 lxd/nsexec.go| 36 ++-- 2 files changed, 30 insertions(+), 14 deletions(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index 4a5e56f..017127d 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -2714,6 +2714,10 @@ func (c *containerLXC) FilePull(srcpath string, dstpath string) error { // Process forkgetfile response if string(out) != "" { + if strings.HasPrefix(string(out), "error:") { + return fmt.Errorf(strings.TrimPrefix(strings.TrimSuffix(string(out), "\n"), "error: ")) + } + for _, line := range strings.Split(strings.TrimRight(string(out), "\n"), "\n") { shared.Debugf("forkgetfile: %s", line) } @@ -2773,6 +2777,10 @@ func (c *containerLXC) FilePush(srcpath string, dstpath string, uid int, gid int // Process forkputfile response if string(out) != "" { + if strings.HasPrefix(string(out), "error:") { + return fmt.Errorf(strings.TrimPrefix(strings.TrimSuffix(string(out), "\n"), "error: ")) + } + for _, line := range strings.Split(strings.TrimRight(string(out), "\n"), "\n") {
[lxc-devel] [lxd/master] Bugfixes and cleanups
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1712 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 8b0304120d153274fda00e02f254436af5173f22 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 7 Mar 2016 11:34:10 -0500 Subject: [PATCH 1/3] Initialize the storage driver before messing with images MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/daemon.go | 13 - 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/lxd/daemon.go b/lxd/daemon.go index 7843ff4..8cd784d 100644 --- a/lxd/daemon.go +++ b/lxd/daemon.go @@ -803,6 +803,14 @@ func (d *Daemon) Init() error { return err } + /* Setup the storage driver */ + if !d.IsMock { + err = d.SetupStorageDriver() + if err != nil { + return fmt.Errorf("Failed to setup storage: %s", err) + } + } + /* Prune images */ d.pruneChan = make(chan bool) go func() { @@ -868,11 +876,6 @@ func (d *Daemon) Init() error { } if !d.IsMock { - err = d.SetupStorageDriver() - if err != nil { - return fmt.Errorf("Failed to setup storage: %s", err) - } - /* Start the scheduler */ go deviceEventListener(d) From 396e8b979d83e075f843cd3d64ba909bfa2e3380 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 7 Mar 2016 12:19:18 -0500 Subject: [PATCH 2/3] Get one step closer to dropping lxd-images MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Copy the busybox part to a testsuite-specific script and have the original script be just a shim around lxc image copy. Signed-off-by: Stéphane Graber --- scripts/lxd-images | 809 test/deps/import-busybox| 349 + test/extras/speedtest_create.sh | 2 +- test/main.sh| 2 +- test/suites/static_analysis.sh | 4 +- 5 files changed, 418 insertions(+), 748 deletions(-) create mode 100755 test/deps/import-busybox diff --git a/scripts/lxd-images b/scripts/lxd-images index 195f4bf..dc323e5 100755 --- a/scripts/lxd-images +++ b/scripts/lxd-images @@ -1,772 +1,93 @@ #!/usr/bin/env python3 -# Let's stick to core python3 modules import argparse -import atexit -import gettext -import hashlib -import http.client -import io -import json import os -import shutil -import socket -import subprocess import sys -import tarfile -import tempfile -import urllib.request -import uuid -# External dependencies: -# - gnupg -# - xz (or pxz) -_ = gettext.gettext -gettext.textdomain("lxd") -quiet = False +def import_ubuntu(parser, args): +remote = "ubuntu" +if args.stream == "daily": +remote = "ubuntu-daily" -class FriendlyParser(argparse.ArgumentParser): -def error(self, message): -sys.stderr.write('\nerror: %s\n' % message) -self.print_help() -sys.exit(2) +parts = [] +if args.release: +parts.append(args.release) +if args.architecture: +parts.append(args.architecture) -def msg(content, end=None): -if not quiet: -print(content, end=end) +if args.version: +parts.append(args.version) +image = "/".join(parts) -def find_on_path(command): -"""Is command on the executable search path?""" +cmd = ["lxc", "image", "copy", "%s:%s" % (remote, image), "local:"] -if 'PATH' not in os.environ: -return False -path = os.environ['PATH'] -for element in path.split(os.pathsep): -if not element: -continue -filename = os.path.join(element, command) -if os.path.isfile(filename) and os.access(filename, os.X_OK): -return True -return False +for alias in args.alias: +cmd += ["--alias", alias] +if args.public: +cmd += ["--public"] -def report_download(blocks_read, block_size, total_size): -size_read = blocks_read * block_size -percent = size_read/total_size*100 -if percent > 100: -return +if args.sync: +cmd += ["--auto-update"] -msg(_("Progress: %.0f %%") % percent, end='\r') +print("Redirecting to: %s" % " ".join(cmd), file=sys.stderr) +os.execvp("lxc", cmd) -def local_architecture(): -try: -import apt_pkg -apt_pkg.init() -return apt_pkg.config.find("APT::Architecture").lower() -except: -arch_tables = {'x86_64': "amd64", - 'i686': "i386", - 'armv7l': "armhf", - 'aarch64': "arm64", -
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1710 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From e709c4c8519cec840c1d8bb894ccd2863d9e0198 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 7 Mar 2016 10:56:25 -0500 Subject: [PATCH 1/2] Only attempt to load containers AFTER the socket is setup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As spawning containers starts a hook that requires LXD to be online, we shouldn't run any code which may cause container startup until after the sockets are setup. Closes #1628 Closes #1708 Closes #1696 Signed-off-by: Stéphane Graber --- lxd/daemon.go | 17 + 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/lxd/daemon.go b/lxd/daemon.go index 83a3686..7843ff4 100644 --- a/lxd/daemon.go +++ b/lxd/daemon.go @@ -873,17 +873,9 @@ func (d *Daemon) Init() error { return fmt.Errorf("Failed to setup storage: %s", err) } - /* Restart containers */ - go func() { - containersRestart(d) - }() - /* Start the scheduler */ go deviceEventListener(d) - /* Re-balance in case things changed while LXD was down */ - deviceTaskBalance(d) - /* Setup the TLS authentication */ certf, keyf, err := readMyCert() if err != nil { @@ -1047,6 +1039,15 @@ func (d *Daemon) Init() error { return nil }) + // Restore containers + if !d.IsMock { + /* Restart containers */ + go containersRestart(d) + + /* Re-balance in case things changed while LXD was down */ + deviceTaskBalance(d) + } + return nil } From 99edb9eee4856ad811e6b97310a31306c3fb8ac2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Mon, 7 Mar 2016 10:59:42 -0500 Subject: [PATCH 2/2] Restrict lxd init to root MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Closes #1700 Signed-off-by: Stéphane Graber --- lxd/main.go | 5 + 1 file changed, 5 insertions(+) diff --git a/lxd/main.go b/lxd/main.go index 1c04543..d54b8da 100644 --- a/lxd/main.go +++ b/lxd/main.go @@ -517,6 +517,11 @@ func setupLXD() error { var networkPort int // Port var trustPassword string // Trust password + // Only root should run this + if os.Geteuid() != 0 { + return fmt.Errorf("This must be run as root") + } + backendsAvailable := []string{"dir"} backendsSupported := []string{"dir", "zfs"} ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1695 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 7d2cd888db95c76ed92ff50445334c736d11b27b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 2 Mar 2016 19:53:56 -0500 Subject: [PATCH 1/2] Fix typo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxc/image.go | 2 +- po/lxd.pot | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lxc/image.go b/lxc/image.go index c411e37..8ba1941 100644 --- a/lxc/image.go +++ b/lxc/image.go @@ -385,7 +385,7 @@ func (c *imageCmd) run(config *lxd.Config, args []string) error { } handler := func(percent int) { - fmt.Printf(i18n.G("Transfering image: %d%%")+"\r", percent) + fmt.Printf(i18n.G("Transferring image: %d%%")+"\r", percent) if percent == 100 { fmt.Printf("\n") } diff --git a/po/lxd.pot b/po/lxd.pot index 5457a2f..66686ae 100644 --- a/po/lxd.pot +++ b/po/lxd.pot @@ -7,7 +7,7 @@ msgid "" msgstr "Project-Id-Version: lxd\n" "Report-Msgid-Bugs-To: lxc-devel@lists.linuxcontainers.org\n" -"POT-Creation-Date: 2016-03-02 17:16-0500\n" +"POT-Creation-Date: 2016-03-02 19:53-0500\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -959,7 +959,7 @@ msgstr "" #: lxc/image.go:388 #, c-format -msgid "Transfering image: %d%%" +msgid "Transferring image: %d%%" msgstr "" #: lxc/action.go:93 lxc/launch.go:130 From 9258c8b4eab47f68f538704e350828e3c430a448 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 3 Mar 2016 00:52:16 -0500 Subject: [PATCH 2/2] Fix incorrect device type in dbUpdateFromV26 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/db.go| 2 +- lxd/db_update.go | 14 ++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/lxd/db.go b/lxd/db.go index 75dfae5..be8be5a 100644 --- a/lxd/db.go +++ b/lxd/db.go @@ -34,7 +34,7 @@ type Profile struct { // Profiles will contain a list of all Profiles. type Profiles []Profile -const DB_CURRENT_VERSION int = 27 +const DB_CURRENT_VERSION int = 28 // CURRENT_SCHEMA contains the current SQLite SQL Schema. const CURRENT_SCHEMA string = ` diff --git a/lxd/db_update.go b/lxd/db_update.go index 9f88ba8..798431d 100644 --- a/lxd/db_update.go +++ b/lxd/db_update.go @@ -15,6 +15,14 @@ import ( log "gopkg.in/inconshreveable/log15.v2" ) +func dbUpdateFromV27(db *sql.DB) error { + stmt := ` +UPDATE profiles_devices SET type=3 WHERE type='unix-char'; +INSERT INTO schema (version, updated_at) VALUES (?, strftime("%s"));` + _, err := db.Exec(stmt, 28) + return err +} + func dbUpdateFromV26(db *sql.DB) error { stmt := ` ALTER TABLE images ADD COLUMN auto_update INTEGER NOT NULL DEFAULT 0; @@ -965,6 +973,12 @@ func dbUpdate(d *Daemon, prevVersion int) error { return err } } + if prevVersion < 28 { + err = dbUpdateFromV27(db) + if err != nil { + return err + } + } return nil } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes and minor features
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1674 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 7b184c16f12bec7933109a89f2d97e968da82e23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 27 Feb 2016 15:56:09 -0500 Subject: [PATCH 1/7] tests: Fix failure on networked test MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/suites/remote.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/suites/remote.sh b/test/suites/remote.sh index e5f2107..0c7b37f 100644 --- a/test/suites/remote.sh +++ b/test/suites/remote.sh @@ -73,7 +73,7 @@ test_remote_admin() { # avoid default high port behind some proxies: if [ -z "${LXD_OFFLINE:-}" ]; then -lxc_remote remote add images images.linuxcontainers.org +lxc_remote remote add images1 images.linuxcontainers.org lxc_remote remote add images2 images.linuxcontainers.org:443 fi } From 906e0208bd2d01312482ccd1cb1dccf7dcf940f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sat, 27 Feb 2016 16:02:08 -0500 Subject: [PATCH 2/7] tests: Fix the number of certs check MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/suites/remote.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/suites/remote.sh b/test/suites/remote.sh index 0c7b37f..ee04ad1 100644 --- a/test/suites/remote.sh +++ b/test/suites/remote.sh @@ -65,8 +65,9 @@ test_remote_admin() { # now re-add under a different alias lxc_remote config trust add "${LXD_CONF}/client2.crt" - if [ "$(lxc_remote config trust list | wc -l)" -ne 6 ]; then + if [ "$(lxc_remote config trust list | wc -l)" -ne 7 ]; then echo "wrong number of certs" +false fi # Check that we can add domains with valid certs without confirmation: From cd8d73c9489cb905ecfd3c6c53b1a8e375b6e76e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 26 Feb 2016 23:18:12 -0500 Subject: [PATCH 3/7] Add support for profile descriptions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- client.go | 2 +- lxd/db.go | 3 ++- lxd/db_profiles.go | 61 ++--- lxd/db_update.go| 14 lxd/profiles.go | 47 +++-- shared/container.go | 7 +++--- specs/database.md | 1 + specs/rest-api.md | 3 +++ 8 files changed, 91 insertions(+), 47 deletions(-) diff --git a/client.go b/client.go index c5b1468..4547872 100644 --- a/client.go +++ b/client.go @@ -1826,7 +1826,7 @@ func (c *Client) PutProfile(name string, profile shared.ProfileConfig) error { if profile.Name != name { return fmt.Errorf("Cannot change profile name") } - body := shared.Jmap{"name": name, "config": profile.Config, "devices": profile.Devices} + body := shared.Jmap{"name": name, "description": profile.Description, "config": profile.Config, "devices": profile.Devices} _, err := c.put(fmt.Sprintf("profiles/%s", name), body, Sync) return err } diff --git a/lxd/db.go b/lxd/db.go index c4f6cf5..a365b0e 100644 --- a/lxd/db.go +++ b/lxd/db.go @@ -34,7 +34,7 @@ type Profile struct { // Profiles will contain a list of all Profiles. type Profiles []Profile -const DB_CURRENT_VERSION int = 23 +const DB_CURRENT_VERSION int = 24 // CURRENT_SCHEMA contains the current SQLite SQL Schema. const CURRENT_SCHEMA string = ` @@ -127,6 +127,7 @@ CREATE TABLE IF NOT EXISTS images_properties ( CREATE TABLE IF NOT EXISTS profiles ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, name VARCHAR(255) NOT NULL, +description TEXT, UNIQUE (name) ); CREATE TABLE IF NOT EXISTS profiles_config ( diff --git a/lxd/db_profiles.go b/lxd/db_profiles.go index 78cfbad..4ab8ef3 100644 --- a/lxd/db_profiles.go +++ b/lxd/db_profiles.go @@ -9,24 +9,6 @@ import ( "github.com/lxc/lxd/shared" ) -func dbProfileID(db *sql.DB, profile string) (int64, error) { - id := int64(-1) - - rows, err := dbQuery(db, "SELECT id FROM profiles WHERE name=?", profile) - if err != nil { - return id, err - } - defer rows.Close() - - for rows.Next() { - var xID int64 - rows.Scan(&xID) - id = xID - } - - return id, nil -} - // dbProfiles returns a string list of profiles. func dbProfiles(db *sql.DB) ([]string, error) { q := fmt.Sprintf("SELECT name FROM profiles") @@ -46,14 +28,44 @@ func dbProfiles(db *sql.DB) ([]string, error)
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1661 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 28a6cd27e775bb0afdb9260c2fc8034ea7138c50 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 25 Feb 2016 19:21:28 -0500 Subject: [PATCH 1/4] Remove old backward compat code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxc/main.go | 10 -- 1 file changed, 10 deletions(-) diff --git a/lxc/main.go b/lxc/main.go index a95daac..88845f5 100644 --- a/lxc/main.go +++ b/lxc/main.go @@ -95,16 +95,6 @@ func run() error { if err != nil { return err } - - // One time migration from old config - if config.DefaultRemote == "" { - _, ok := config.Remotes["local"] - if !ok { - config.Remotes["local"] = lxd.LocalRemote - } - config.DefaultRemote = "local" - lxd.SaveConfig(config, configPath) - } } // This is quite impolite, but it seems gnuflag needs us to shift our From 96d4e31f0e01285a8a1f4418285d392e33fa61fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 25 Feb 2016 20:13:54 -0500 Subject: [PATCH 2/4] Use common table rendering in the client MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxc/config.go | 9 + lxc/image.go | 11 ++- lxc/remote.go | 2 ++ 3 files changed, 13 insertions(+), 9 deletions(-) diff --git a/lxc/config.go b/lxc/config.go index 54134fc..5f02ee1 100644 --- a/lxc/config.go +++ b/lxc/config.go @@ -6,6 +6,7 @@ import ( "fmt" "io/ioutil" "os" + "sort" "strings" "syscall" @@ -260,15 +261,15 @@ func (c *configCmd) run(config *lxd.Config, args []string) error { } table := tablewriter.NewWriter(os.Stdout) + table.SetAutoWrapText(false) + table.SetRowLine(true) table.SetHeader([]string{ i18n.G("FINGERPRINT"), i18n.G("COMMON NAME"), i18n.G("ISSUE DATE"), i18n.G("EXPIRY DATE")}) - - for _, v := range data { - table.Append(v) - } + sort.Sort(SortImage(data)) + table.AppendBulk(data) table.Render() return nil diff --git a/lxc/image.go b/lxc/image.go index 182f08e..8187333 100644 --- a/lxc/image.go +++ b/lxc/image.go @@ -548,7 +548,8 @@ func (c *imageCmd) showImages(images []shared.ImageInfo, filters []string) error } table := tablewriter.NewWriter(os.Stdout) - table.SetColWidth(50) + table.SetAutoWrapText(false) + table.SetRowLine(true) table.SetHeader([]string{ i18n.G("ALIAS"), i18n.G("FINGERPRINT"), @@ -571,14 +572,14 @@ func (c *imageCmd) showAliases(aliases shared.ImageAliases) error { } table := tablewriter.NewWriter(os.Stdout) + table.SetAutoWrapText(false) + table.SetRowLine(true) table.SetHeader([]string{ i18n.G("ALIAS"), i18n.G("FINGERPRINT"), i18n.G("DESCRIPTION")}) - - for _, v := range data { - table.Append(v) - } + sort.Sort(SortImage(data)) + table.AppendBulk(data) table.Render() return nil diff --git a/lxc/remote.go b/lxc/remote.go index 9588660..f20f1bc 100644 --- a/lxc/remote.go +++ b/lxc/remote.go @@ -292,6 +292,8 @@ func (c *remoteCmd) run(config *lxd.Config, args []string) error { } table := tablewriter.NewWriter(os.Stdout) + table.SetAutoWrapText(false) + table.SetRowLine(true) table.SetHeader([]string{ i18n.G("NAME"), i18n.G("URL"), From f78cd5409f2483bbdda1488e1995ade4d4ba38b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 25 Feb 2016 21:27:04 -0500 Subject: [PATCH 3/4] specs: Remove section on Etag (not implemented) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- specs/rest-api.md | 22 ++ 1 file changed, 2 insertions(+), 20 deletions(-) diff --git a/specs/rest-api.md
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1658 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 5ddee073376f048c9c8714e4fe770ff17668358f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Wed, 24 Feb 2016 18:42:30 -0500 Subject: [PATCH 1/2] Remove trailing newline MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/main.go b/lxd/main.go index 5446033..1c04543 100644 --- a/lxd/main.go +++ b/lxd/main.go @@ -369,7 +369,7 @@ func daemon() error { signal.Notify(ch, syscall.SIGTERM) sig := <-ch - shared.Log.Info(fmt.Sprintf("Received '%s signal', exiting.\n", sig)) + shared.Log.Info(fmt.Sprintf("Received '%s signal', exiting.", sig)) ret = d.Stop() wg.Done() }() From a9c162d5a90a9d9381b11d0dd86c9b10b0e13937 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Thu, 25 Feb 2016 16:45:17 -0500 Subject: [PATCH 2/2] exec: Also do non-interactive when stdout is !tty MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxc/exec.go | 6 -- po/lxd.pot | 18 ++ 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/lxc/exec.go b/lxc/exec.go index a5c3033..d218fd5 100644 --- a/lxc/exec.go +++ b/lxc/exec.go @@ -45,7 +45,9 @@ func (c *execCmd) usage() string { return i18n.G( `Execute the specified command in a container. -lxc exec [remote:]container [--mode=auto|interactive|non-interactive] [--env EDITOR=/usr/bin/vim]... `) +lxc exec [remote:]container [--mode=auto|interactive|non-interactive] [--env EDITOR=/usr/bin/vim]... + +Mode defaults to non-interactive, interactive mode is selected if both stdin AND stdout are terminals (stderr is ignored).`) } func (c *execCmd) flags() { @@ -118,7 +120,7 @@ func (c *execCmd) run(config *lxd.Config, args []string) error { } else if c.modeFlag == "non-interactive" { interactive = false } else { - interactive = termios.IsTerminal(cfd) + interactive = termios.IsTerminal(cfd) && termios.IsTerminal(int(syscall.Stdout)) } var oldttystate *termios.State diff --git a/po/lxd.pot b/po/lxd.pot index d056a57..52fbebf 100644 --- a/po/lxd.pot +++ b/po/lxd.pot @@ -7,7 +7,7 @@ msgid "" msgstr "Project-Id-Version: lxd\n" "Report-Msgid-Bugs-To: lxc-devel@lists.linuxcontainers.org\n" -"POT-Creation-Date: 2016-02-23 19:02-0500\n" +"POT-Creation-Date: 2016-02-25 16:37-0500\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -103,7 +103,7 @@ msgstr "" msgid "Aliases:" msgstr "" -#: lxc/exec.go:52 +#: lxc/exec.go:54 msgid "An environment variable of the form HOME=/home/foo" msgstr "" @@ -256,7 +256,7 @@ msgstr "" msgid "Device %s removed from %s" msgstr "" -#: lxc/list.go:410 +#: lxc/list.go:418 msgid "EPHEMERAL" msgstr "" @@ -287,7 +287,9 @@ msgstr "" #: lxc/exec.go:45 msgid "Execute the specified command in a container.\n" "\n" -"lxc exec [remote:]container [--mode=auto|interactive|non-interactive] [--env EDITOR=/usr/bin/vim]... " +"lxc exec [remote:]container [--mode=auto|interactive|non-interactive] [--env EDITOR=/usr/bin/vim]... \n" +"\n" +"Mode defaults to non-interactive, interactive mode is selected if both stdin AND stdout are terminals (stderr is ignored)." msgstr "" #: lxc/image.go:307 @@ -682,11 +684,11 @@ msgstr "" msgid "Output is in %s" msgstr "" -#: lxc/exec.go:53 +#: lxc/exec.go:55 msgid "Override the terminal mode (auto, interactive or non-interactive)" msgstr "" -#: lxc/list.go:412 +#: lxc/list.go:420 msgid "PERSISTENT" msgstr "" @@ -1022,7 +1024,7 @@ msgstr "" msgid "no" msgstr "" -#: lxc/copy.go:100 +#: lxc/copy.go:101 msgid "not all the profiles from the source exist on the target" msgstr "" @@ -1063,7 +1065,7 @@ msgstr "" msgid "taken at %s" msgstr "" -#: lxc/exec.go:157 +#: lxc/exec.go:159 msgid "unreachable return reached" msgstr "" ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Bugfixes
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/1629 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === From 68f86b9f741316c00f8aad8af562e7dfb226340b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 19 Feb 2016 20:25:02 -0500 Subject: [PATCH 1/2] tests: Keep pprof self-contained MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- test/suites/profiling.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/suites/profiling.sh b/test/suites/profiling.sh index 9d1870d..519d5fe 100644 --- a/test/suites/profiling.sh +++ b/test/suites/profiling.sh @@ -7,6 +7,7 @@ test_cpu_profiling() { lxdpid=$(cat "${LXD3_DIR}/lxd.pid") kill -TERM "${lxdpid}" wait "${lxdpid}" || true + export PPROF_TMPDIR="${TEST_DIR}/pprof" echo top5 | go tool pprof "$(which lxd)" "${LXD3_DIR}/cpu.out" echo "" @@ -32,6 +33,7 @@ test_mem_profiling() { timeout=$((timeout-1)) done + export PPROF_TMPDIR="${TEST_DIR}/pprof" echo top5 | go tool pprof "$(which lxd)" "${LXD4_DIR}/mem" echo "" From bf129258a95f7b47bc0d432665e17f792c8b4ee5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Sun, 21 Feb 2016 00:42:40 -0500 Subject: [PATCH 2/2] Use iproute2 instead of bridge-utils MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Graber --- lxd/container_lxc.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go index c8ca8c4..0701841 100644 --- a/lxd/container_lxc.go +++ b/lxd/container_lxc.go @@ -3100,7 +3100,7 @@ func (c *containerLXC) createNetworkDevice(name string, m shared.Device) (string } if m["nictype"] == "bridged" { - err = exec.Command("brctl", "addif", m["parent"], n1).Run() + err = exec.Command("ip", "link", "set", n1, "master", m["parent"]).Run() if err != nil { deviceRemoveInterface(n2) return "", fmt.Errorf("Failed to add interface to bridge: %s", err) ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel